[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: `url-retrieve' for https behind proxy: 400 bad request

From: Yuri Khan
Subject: Re: `url-retrieve' for https behind proxy: 400 bad request
Date: Tue, 8 Nov 2016 18:19:17 +0600

On Tue, Nov 8, 2016 at 6:58 PM,  <> wrote:

> Yeah. This is the usual dance for https over proxy (if the proxy allows
> it). Basically, CONNECT tells the proxy to just pass the https stream
> along, untouched.

And it’s the only way to preserve integrity of the connection. With
CONNECT, provided that the origin server presents a valid and matching
certificate and you check it, neither the proxy nor any other
man-in-the-middle between you and the proxy can spoof the origin
server, tamper with requests or responses, or sniff the traffic
between you and the origin. With “GET https://foo/bar”, all of the
above would be possible.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]