I have a use case where I would like to connect to a proxy server with HTTP, but the underlying request is actually a GET with HTTPS. I have been reading When should one use CONNECT and GET HTTP methods at HTTP Proxy Server?, but I think i need some clarification. Since the underlying request is HTTPS does this mean when I "connect" to my proxy server it will automatically open a CONNECT and just pass through my HTTPS request? My main concern is if I use HTTP to connect to my proxy server, then the underlying HTTPS request is somehow exposed until it hits the proxy server. Thanks in advance.
Yes, whatever your browser says inside a https session is encrypted before, during, and after it passes through a proxy. No, it is not exposed to a proxy. For a proxy, the HTTP CONNECT means just "copy raw bytes around without any interpretation". The proxy does see in plain text the part of url that is in caps here: HTTPS://EXAMPLE.COM:9443/secret/place. It doesn't see the rest of url or anything else; doesn't see headers or data. (If a proxy is really intrusive and decrypts and re-encrypts your session it is visible via a certificate. Your browser would need to be compromised to trust a man-in-the-middle certificate. Uncompromised browser quite visibly warns you.)
Practically, using http only between a browser and a proxy is presently the most popular way of proxying.