libtorrent icon indicating copy to clipboard operation
libtorrent copied to clipboard
verified publisher icon arvidn

Fix Handling of HTTP CONNECT Header in Proxy Connections

Open bearx3f opened this issue 4 months ago • 2 comments

From #7651 After I tested the latest pull request, which I'd previously said passed, the proxy server still couldn't sign the certificate when deployed with the actual application. This was because the server didn't receive the remote server in the correct domain:port format, such as example.com:443. In this patch, I've fixed the CONNECT request to be correct.

I noticed this by observing the request sent by Curl, which sends:

CONNECT example.com:443 HTTP/1.0
Host: example.com:443

Originally, Libtorrent was sending:

CONNECT 23.220.75.232:443 HTTP/1.0
Host: example.com

In this original request, the Host header was missing the port, and the CONNECT method was sending an IP address instead of a domain name.

bearx3f avatar Aug 29 '25 03:08 bearx3f

it looks like the simulation error is legitimate and needs to be addressed

arvidn avatar Sep 08 '25 15:09 arvidn

it looks like the simulation error is legitimate and needs to be addressed

The problem is my patch will always send Host header but simulation test check if send_host_in_connect=false host should be empty. I will fix.

bearx3f avatar Sep 09 '25 02:09 bearx3f