Re: http proxying

From: Dancer <[email protected]>
Date: Thu, 13 Jan 2000 00:35:16 +0000

Kendall Lister wrote:

> On Wed, 12 Jan 2000, Scott Gilpin wrote:
>
> > When proxying http requests, is it possible to access and modify the
> > query string? What if the request is encrypted with SSL?
>
> Use a redirector that rewrites certain URLs. As for SSL, that is one black
> bag into which I have not delved yet... perhaps someone could explain how
> HTTP requests happen through SSL, or at least how it differs from normal?
>

If you're connecting to something like https://securesite.com/ then what
happens approximately is this:

1) client connects to proxy
2) client sends 'CONNECT securesite.com:443'
3) proxy establishes a connection to that host/port.
4) Assuming success, data is transferred between the client and server
connections blindly until one of them closes.

Since all the data is encrypted there's no way to know what's going on in
there. Worrisome exploits include using the CONNECT method to telnet to
arbitrary ports on servers. That's just one of the reasons that the default
ACL settings are the way they are.

D
Received on Wed Jan 12 2000 - 17:45:07 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:50:21 MST