[web-devel] Advice on implementing a web proxy

Erik de Castro Lopo mle+hs at mega-nerd.com
Thu Nov 24 12:02:04 CET 2011

Hi all,

I'm working on a simple web proxy. I have the proxying of HTTP
working correctly (as least as far as I have tested it) and would
like to work on proxying HTTPS. The way HTTPS proxying works is
as follows:

 a) Client sends "CONNECT host:port HTTP/1.1" to the proxy in
    clear text.

 b) Proxy makes a connection to host:port and if successful sends
    "HTTP/1.0 200 Connection established" to the client.

 c) The proxy then blindly transfers bytes from the client to the
    server and bytes from server to the client.

 d) The client does TLS negotiation over the bi-directional pipe
    established and maintained by the proxy.

The git repo containing the code for my proxy is here:


and the core of the actual proxy is here:


The proxying function should have a type signature of:

    sslConnectRequest :: ByteString -> Int
                      -> Wai.Request -> Proxy Wai.Response

where the ByteString contains the host name and the Int the port

My plans for the sslConnectRequest function is for it to open a
socket connection to the server and then wrap that socket inside
and enumerator.

Is that a reasonable plan? Is there a better way? Any existing
code that does something similar for me to hack? Clues?

Erik de Castro Lopo

More information about the web-devel mailing list