You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While attempting to create a forward proxy with cohttp, I could not figure out how I would handle a CONNECT request.
There is an example cohttp proxy in the code base here: cohttp-lwt-unix/bin/cohttp_proxy_lwt.ml, and it works well with forwarding http requests. Output of that looks like this
But https over a proxy work a bit differently. The client sends a CONNECT request, which opens up a bi-directional communication stream. And then only after the client gets 200 Connection established, does it send over the actual request. The proxy itself does not do any SSL decryption, it merely forward the bytes back and forth.
Cohttp's request object received by the handler has no way start this bidirectional communication, at least not that I can see. This is somewhat related to #501, but I think this deserves it own ticket since it a distinct feature.
The text was updated successfully, but these errors were encountered:
While attempting to create a forward proxy with cohttp, I could not figure out how I would handle a CONNECT request.
There is an example cohttp proxy in the code base here: cohttp-lwt-unix/bin/cohttp_proxy_lwt.ml, and it works well with forwarding
http
requests. Output of that looks like thisBut
https
over a proxy work a bit differently. The client sends aCONNECT
request, which opens up a bi-directional communication stream. And then only after the client gets200 Connection established
, does it send over the actual request. The proxy itself does not do any SSL decryption, it merely forward the bytes back and forth.This is what the example code does Cohttp proxying https request
And this is what it should look like is this
Cohttp's
request
object received by the handler has no way start this bidirectional communication, at least not that I can see. This is somewhat related to #501, but I think this deserves it own ticket since it a distinct feature.The text was updated successfully, but these errors were encountered: