-
Notifications
You must be signed in to change notification settings - Fork 85
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
proxy-authentication header missing with https #103
Comments
Hi @maddo7, this is a good question. This happens because there's two different ways of doing HTTP proxying. The first way is that the client sends a request to the proxy like The second way is that the client sends a CONNECT request to the proxy like Currently, in that second case, you can't interact with the outer tunneling request or see that data via Mockttp at all. Mockttp simply unwraps and discards all layers of CONNECT tunnelling, and only considers the final request to the end server. Extending this is a bit more complicated than it sounds, because requests aren't even 1-1, for example a client can CONNECT through the proxy once, and then send many independent requests inside the resulting tunnel to the remote server (or even none at all, if it changes its mind). You can even CONNECT to create a tunnel to a different proxy server, and then CONNECT there too, at unlimited depth, using different authentication headers for each step. For this specific use case of authenticated tunneling though, I think it's probably possible to handle this though - we could add a |
I want to create a mitm proxy that can only be access by providing correct credentials, e.g. I check if proxy-authentication has the correct value:
With http it works flawlessly, the proxy-authorization header is present:
Now the problem is that if it runs through https, the proxy-authorization disappears:
Is there anything I'm unaware of that causes this behaviour?
The text was updated successfully, but these errors were encountered: