poco icon indicating copy to clipboard operation
poco copied to clipboard

Published 20 hours ago verified publisher icon pocoproject

HTTPS proxy support

Open Jokser opened this issue 4 years ago • 8 comments

Hello everyone.

I use Poco HTTP client to work with HTTPS endpoint through an HTTPS proxy but I'm getting timeout errors in such configuration. Looking at HTTP(S)ClientSession source code I see that proxyConnect() method establishes a non-secure HTTP connection with a proxy and proxyRequestPrefix() returns only "http" proxy prefix:

std::string HTTPClientSession::proxyRequestPrefix() const
{
	std::string result("http://");
...
StreamSocket HTTPClientSession::proxyConnect()
{
	ProxyConfig emptyProxyConfig;
	HTTPClientSession proxySession(getProxyHost(), getProxyPort(), emptyProxyConfig);
...

As I can understand Poco doesn't support HTTPS proxy. Is there any way to modify source code to get HTTPS proxy support in the case when both endpoint and proxy work with the same certificates?

Jokser avatar Jun 11 '20 12:06 Jokser

It should be possible by changing the HTTPClientSession::proxyConnect() method to use Poco::Net::HTTPSessionFactory to create the Poco::Net::HTTPClientSession or Poco::Net::HTTPSClientSession object instead of a hard-coded Poco::Net::HTTPClientSession. An additional protocol member should be added to ProxyConfig, denoting the protocol to use (http or https). The protocol value can then be given to Poco::Net::HTTPSessionFactory::createClientSession() to obtain the session for the proxy request. You'll also need to manage a separate HTTPSessionFactory for use by HTTPClientSession, as the default one may itself have proxy parameters configured.

obiltschnig avatar Jun 11 '20 13:06 obiltschnig

@obiltschnig Thank you very much for your feedback. I'll try to fix it in a fork and after success will commit to upstream.

Jokser avatar Jun 11 '20 13:06 Jokser

What's likely not going to work with this approach is sending HTTP requests through a HTTPS proxy. But that's kind of pointless anyway.

obiltschnig avatar Jun 11 '20 14:06 obiltschnig

@obiltschnig I've done. Could you please review the change about HTTPS proxy? https://github.com/pocoproject/poco/pull/3040

Jokser avatar Jun 22 '20 09:06 Jokser

This issue is stale because it has been open for 365 days with no activity.

github-actions[bot] avatar Aug 11 '21 02:08 github-actions[bot]

This issue was closed because it has been inactive for 60 days since being marked as stale.

github-actions[bot] avatar Oct 22 '21 02:10 github-actions[bot]

This issue is stale because it has been open for 365 days with no activity.

github-actions[bot] avatar Oct 25 '23 02:10 github-actions[bot]

#3691

aleks-f avatar Dec 21 '23 22:12 aleks-f