easylist-pac-privoxy icon indicating copy to clipboard operation
easylist-pac-privoxy copied to clipboard

Published 20 hours ago verified publisher icon essandess

Safari 15 iOS Bypasses proxy.pac PROXY setting for HTTPS 400 code

Open essandess opened this issue 4 years ago • 0 comments

The PROXY blackhole approach used in this repo has stopped working for HTTPS requests on all iOS after updating to Safari on iOS/iPadOS 15.

Most requests now are HTTPS, so this breaks functionality.

Safari 15 appears to bypass the proxy.pac PROXY and sends requests to https://unwarranted.tracker.website/?whatever.

I hypothesize the reason is that the proxy returns 400 for such HTTPS CONNECT requests. Its behavior, expected for HTTPS CONNECT requests,looks like:

curl -I --proxy http://my.blackhole.server:8119 https://unwarranted.tracker.website/?whatever
HTTP/1.1 400 Bad Request
Server: nginx/1.21.3
Date: Sat, 25 Sep 2021 19:17:07 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

curl: (56) Received HTTP code 400 from proxy after CONNECT

The fix appears to be to deprecate this repo and use Privoxy’s HTTPS inspection along with adblock2privoxy.

Reference: https://developer.apple.com/forums/thread/691279

essandess avatar Oct 04 '21 11:10 essandess