0

I have made a small http server in python, I get the request from the browser parse the header and send to specified address and give the reply back to the user It is working good with http but with websites using https it is not working

    socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((webserver,port))
    s.send(data)

The data is what the client requested and the webserver and the port is what i parsed I just want to know that do i have to use the same technique for https if not then why this method is not working

ibadia
  • 909
  • 6
  • 15
  • I am not sure if you seen answer to following question: http://stackoverflow.com/questions/2146383/https-connection-python – rt.jar May 01 '17 at 11:48
  • I have read it but still I dont get the point, It is using urllib2 for the processing but i want to forward request on header level – ibadia May 01 '17 at 12:46
  • It is not clear what you are trying to achieve. Do you want to write a HTTP proxy able to deal with HTTPS by using the CONNECT method (this is what you configure as HTTPS proxy in the browser) or do you want to write an SSL intercepting proxy or what exactly? If your non-HTTPS example would be more than just these 3 lines one could maybe find out from this what you are trying to achieve. – Steffen Ullrich May 01 '17 at 13:21
  • I just want to write a proxy which is able to deal with the https request from browser examples At the moment my program is able to tackle the http request but not able to tackle the https request – ibadia May 01 '17 at 13:27
  • 1
    Read @Steffen Ullrich 's comment carefully . It's a little more complex than 3 lines . You 'll need a certifficate and key to sslwrap your server , and add this cert to your browsers trusted certifficates . Then you could handle a CONNECT request separately ( send a 200 response and sslwrap ), or serve HTTPS on a different port – t.m.adam May 01 '17 at 22:33
  • @ibadia.fastian: the usual proxy as configured in the browser deals with HTTPS by handling a CONNECT request from a browser and establish a tunnel to the given host - see [RFC 2817](https://www.ietf.org/rfc/rfc2817.txt). This kind of proxy server does not handle any SSL by its own, it just forwards the traffic after the CONNECT request to build the tunnel and the SSL handshake will be done between client and server. But there are also SSL intercepting proxies like fiddler which behave differently and these explicitly deal with SSL. It is still unclear what you are trying to create. – Steffen Ullrich May 02 '17 at 04:23
  • Yeah , it's much easier for a non - intercepting proxy , just send 200 and let the client do the handshake . Can you include more code ( the HTTP parsing part ) ? – t.m.adam May 02 '17 at 05:33

0 Answers0