-
Notifications
You must be signed in to change notification settings - Fork 425
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
first attempt at adding proxy support #757
base: 0.11-devel
Are you sure you want to change the base?
first attempt at adding proxy support #757
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm ambivalent about the SSL implementation -- I suspect we'd rather not support intercepting the connection for SSL requests. There's going to be a lot of questions about how secure intercepting SSL connections is, and I suspect it's a security risk that I'm not willing to let in.
Do you have thoughts about alternatives, or literature that will enlighten me about dealing with SSL in HTTP through proxies?
if (connect_via_proxy()) | ||
{ | ||
tcp_host = *proxy_host_; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This could be more compact as:
string_type tcp_host = connect_via_proxy() ? *proxy_host_ : host_;
|
||
if (connect_via_proxy()) { | ||
tcp_port = boost::lexical_cast<boost::uint16_t>(*proxy_port_); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same potential approach here.
boost::uint16_t tcp_port = connect_via_proxy() ? ...;
If yoyu're doing this a lot of times in the same function, I suggest doing it once and storing the bool.
} | ||
else { | ||
socket_->async_handshake(asio::ssl::stream_base::client, handler); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is the strategy for SSL connections to intercept them and pass them through the proxy? Can you educate me on whether this is something that's actually secure/supported? How can the client know that the request made it through to the correct host for the domain it originally wanted to connect to?
@AndrewFromMelbourne status? |
HI @anonimal I haven't had a chance to get back to this. I will need to make some time to get back to it |
Hi @AndrewFromMelbourne -- do you think you'll find the time to get this updated soon? |
Hi Dean, as discussed here is my first attempt at adding proxy support into cpp-netlib. If you have any guidance it would be appreciated.
Note: there are some changes related to chunking as well.
Thanks,
Andrew Duncan.