I had a similar kind of stupidity here, recently. Trying to fetch a page from a local web server, I got a redirect to a second web server to handle the login. The second server can only be reached via a proxy, which requires its own authentication. After logging in I get a bunch more redirects which finally send me back to the original box.

And no, the original box is *not* reachable via the proxy.

I haven't had a chance to refine it yet, so my script expects an *exact* number of redirects, which is a little unreliable... I know curl is peachy keen at following redirects, especially with the recent fixes, but for just this one site I can't let it do that because of the need to switch the proxy on/off in flight.

That's not a complaint, by the way, just an observation. Curl is the best thing since sliced bread, in my opinion.

Would an auto-proxy config reader need to be a complete javascript interpreter, or would a subset do? The auto-config I get from our proxy (using curl :) has stuff like this:

    if ((host.substring(0, 9) == "127.0.0.1") ||
        (host.toUpperCase() == "XXX.DOMAIN.COM") ||
        (host.substring(0, 13) == "10.133.96.252") ||
        (host.substring(0, 7) == "172.29."))
            return "DIRECT";

    if ((host.substring(0, 12) == "151.193.130.") ||
        (url.substring(0, 6).toUpperCase() == "HTTPS:") ||
        dnsDomainIs(host, ".domain.com")
            return "PROXY www-proxy.domain.com:80";

    if ((shExpMatch(host, "x*.domain.com")) ||
     {return "DIRECT";}

and so on, for 358 lines of code. That's much less daunting than a whole javascript implementation... I may even take a whack at it myself... :)

So, Daniel, if a proxy_or_not() function fell out of the sky one day, would it be possible to patch it into curl? I'm guessing it would need at least one more command-line arg:

    -apc http://apc.domain.com:port/proxyconfig.pac

because the auto-proxy config I have to use doesn't come from the actual proxy - at least, the machine name is different - probably to avoid looping, or something.

Ralph

esp5_at_rama.comp.pge.com wrote:

> On Mon, May 20, 2002 at 05:24:02PM -0400, Roth, Kevin P. wrote:
> > I suspect if you volunteered to write such a thing, it might make it into curl.exe a bit faster ;-) I don't recall for sure, but I don't think Daniel's ever expressed a specific desire *not* to have one of these in there.
> >
> > In your corporate environment can you really not simply hard code a proxy server (or two)? I also don't think curl supports specification of multiple proxy servers (with the ability to use the 2nd one automatically if the first doesn't answer), but that ability would have to be added to truly support APC; if *just* that ability were added, would it be sufficient for your environment? (of course, you could add it already via script...)
>
> No... that doesn't work. (tried it already). You need to go through the
> automatic server - at least the way they've set it up here, the end-proxies only
> accept connects from the central proxy, and the end proxies send back a direct
> connection to your local workstation.
>
> Trying to bypass any of this is prohibited, because for one, they don't want you
> to work around their 'protections' against people 'accessing inappropriate
> sites'. And since websense is pretty common, (and will get more common as
> networks do filtering) this results in a *huge* usability hole for curl.
>
> I'd be happy to do it if I had the technical background/knowhow on how to
> do it - it seems like a complicated hack though, and I'm not sure I'd have
> enough CPU cycles to understand and do it correctly.
>
> Ed
>
> _______________________________________________________________
>
> Don't miss the 2002 Sprint PCS Application Developer's Conference
> August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
Received on 2002-05-21