Enable basic authentication by default #25
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I am developer of VProxy, an HTTPS Forward proxy hidden in HTTPS web site.
VProxy pretends to be an HTTPS web site and only handles HTTPS proxy requests when the supplied credentials are valid. VProxy does not support challenge–response authentication for its HTTPS proxy because that would make it possible to detect it is running an HTTPS proxy.
As a result, VProxy works as reverse proxy when the credentials in HTTPS proxy request are missing or invalid. In this case, VProxy does not response HTTP error code 401 or 407 error challenge–response authentication will not be triggered.
This PR set basic authentization header by default when username and password are supplied. It will not break exsiting logic -- for classic http proxy when they response 401/407 error, the previous logic is applied.