[web-devel] http-enumerator connecting via a http proxy

Erik de Castro Lopo mle+hs at mega-nerd.com
Sat May 14 13:55:10 CEST 2011

Michael Snoyman wrote:

> > I've implemented  four functions;  proxyHttp, proxyHttpLbs,
> > proxyHttpRedirect and proxyHttpLbsRedirect but it occurs
> > to me that if we added a field of type 'Maybe Proxy' to the
> > 'Request m' data type, the fucntionality of the four functions
> > I have hacked up could be merged with the original versions
> > of these.
> >
> > Does that sound like a sane approach?
> Yes, I think that sounds good. Just let me know when I should look at the
> code; I'm impressed how quickly you're getting this done!

Ok, I've submitted a github pull request that modifies the
existing http function to proxy HTTP requests. This was a
relatively simple matter of modifying hosts, ports, and

I'm now looking at doing HTTPS and I'm a little lost on how
to proceed. Basically proxying of HTTPS works as follows:

 a) Wants to connect to https://encrypted.google.com/
    via HTTP proxy called squid listening on port 3128.

 b) Client opens an un-encrypted connection to squid:3128
    and sends a request:

        CONNECT encrypted.google.com:443 HTTP/1.1

 c) Squid proxy connects to encrypted.google.com port 443
    and gets back a response of:

        HTTP/1.1 200 Connection established

     which it sends the client.

 d) The squid proxy then blindly transfers bytes from the client
    to encrypted.google.com and bytes from encrypted.google.com
    to the client.

 e) The client does TLS negotiation over the bi-directional pipe
    established and maintained by the proxy.
I can send the CONNECT and get back the HTTP 200 OK, but I'm
not sure how to proceed.


Erik de Castro Lopo

More information about the web-devel mailing list