first attempt at adding proxy support #757
Conversation
There was a problem hiding this comment.
I'm ambivalent about the SSL implementation -- I suspect we'd rather not support intercepting the connection for SSL requests. There's going to be a lot of questions about how secure intercepting SSL connections is, and I suspect it's a security risk that I'm not willing to let in.
Do you have thoughts about alternatives, or literature that will enlighten me about dealing with SSL in HTTP through proxies?
| if (connect_via_proxy()) | ||
| { | ||
| tcp_host = *proxy_host_; | ||
| } |
There was a problem hiding this comment.
This could be more compact as:
string_type tcp_host = connect_via_proxy() ? *proxy_host_ : host_;
|
|
||
| if (connect_via_proxy()) { | ||
| tcp_port = boost::lexical_cast<boost::uint16_t>(*proxy_port_); | ||
| } |
There was a problem hiding this comment.
Same potential approach here.
boost::uint16_t tcp_port = connect_via_proxy() ? ...;
If yoyu're doing this a lot of times in the same function, I suggest doing it once and storing the bool.
| } | ||
| else { | ||
| socket_->async_handshake(asio::ssl::stream_base::client, handler); | ||
| } |
There was a problem hiding this comment.
Is the strategy for SSL connections to intercept them and pass them through the proxy? Can you educate me on whether this is something that's actually secure/supported? How can the client know that the request made it through to the correct host for the domain it originally wanted to connect to?
|
@AndrewFromMelbourne status? |
|
HI @anonimal I haven't had a chance to get back to this. I will need to make some time to get back to it |
|
Hi @AndrewFromMelbourne -- do you think you'll find the time to get this updated soon? |
Hi Dean, as discussed here is my first attempt at adding proxy support into cpp-netlib. If you have any guidance it would be appreciated.
Note: there are some changes related to chunking as well.
Thanks,
Andrew Duncan.