curl-library
Force cURL to use GET on proxy for HTTPs requests
Date: Tue, 5 Dec 2017 19:35:28 +0100
Hi guys. I'm trying to figure out why cURL imposes a limitation when
dealing with proxies.
Let's say I'm providing cURL with the following proxy:
When I query an HTTP website, cURL performs a standard HTTP GET proxy
request, which can be cached by the proxy:
GET http://example.com/ HTTP/1.1
However, when querying an HTTPs website, cURL performs a CONNECT instead,
effectively using the proxy as a TCP tunnel, and preventing it from caching
the response:
CONNECT example.com:80 HTTP/1.1
As far as I can see, there is currently no way to force cURL to perform a
GET request for HTTPs websites.
This behaviour seems to be documented in HTTPS and proxy
<https://ec.haxx.se/usingcurl-proxies.html#https-and-proxy>:
> HTTPS was designed to allow and provide secure and safe end-to-end privacy
> from the client to the server (and back). In order to provide that when
> speaking to an HTTP proxy, the HTTP protocol has a special request that
> curl uses to setup a tunnel through the proxy that it then can encrypt and
> verify. This HTTP method is known as CONNECT.
> When the proxy tunnels encrypted data through to the remote server after a
> CONNECT method sets it up, the proxy cannot see nor modify the traffic
> without breaking the encryption.
While I understand the rationale behind this, I don't think it is always
good. For instance, I have a local proxy server (Apache Traffic Server)
that cannot be accessed from the network, only from localhost. This proxy
is used as a local cache for my application, when it needs to retrieve an
HTTP(s) resource multiple times.
In its current state, cURL forces my application to retrieve the HTTPS
resources every single time, bypassing the HTTP cache.
It would be nice to add a cURL option to force a GET request on the proxy,
even for https URLs:
GET https://example.com/ HTTP/1.1
This is perfectly legal.
*Did I miss something? Would you consider adding this feature to cURL?*
Many thanks,
Benjamin
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-12-05