cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: HTTPS requests through a proxy without tunneling?

From: Michael Wood <esiotrot_at_gmail.com>
Date: Wed, 3 Mar 2010 21:42:51 +0200

On 3 March 2010 19:09, Steve Bernacki <curl_at_f.copacetic.net> wrote:
> Hi,
>
> I am working on implementing a filtering web proxy, and would like to
> instruct libcurl to issue straight https requests to my proxy, rather than
> initiating the normal CONNECT <host>:443 requests.  For example, if I
> attempt to perform a GET on a https resource, libcurl connects to my proxy
> and issues:
>
> CONNECT remote.host:443 HTTP/1.0
> Host: remote.host:443
> User-Agent: curl/7.15.5
>
> I'd like instead to have curl connect to my proxy and issue:
>
> GET https://remote.host:443/ HTTP/1.0
> Host: remote.host:443
> User-Agent: curl/7.15.5
>
> Which will allow the proxy to initiate the HTTPS request and perform
> certificate validation, etc.
>
> Is there any way to coerce curl into doing this?  I am using 7.15.5.

I think that's non-standard. In which case, what do you expect the
protocol between the client and the proxy to be? i.e. do you expect
the returned page to be encrypted or not? If so, with what
certificate? If not, aren't you concerned that pages that were
considered important enough by the web site owner to need encryption
will not be encrypted between the proxy and the client?

I doubt libcurl supports something like that, but you may as well wait
for someone who knows for sure to answer :)

By the way, 7.15.5 is pretty old.

-- 
Michael Wood <esiotrot_at_gmail.com>
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2010-03-03