httphttpsproxyhttp-proxyhttps-proxy-agent

How to handle POST/GET with an https URL in proxy?


I wrote a proxy server which works well. But when looking at the log, there are some weird requests like:

POST https://vortex.data.microsoft.com/collect/v1 HTTP/1.1

Also some GET over https. I think only CONNECT is allowed over https, am I wrong? If I am wrong, how to deal with these request? (I just dropped these requests in my app.)

Another thing maybe unrelated is all these requests are related to microsoft from the log.


Solution

  • There isn't any problem handling any HTTP Method with HTTPS within a proxy.

    All the requests with https://-protocol will be automatically received and sent to port 443 if not indicated otherwise.

    Independently if you have a server where you deployed a HAProxy, NGINX, Apache Web Server or that you literally wrote a proxy like this one in JavaScript, only thing you have to do is to literally proxy the requests to the destination server address.


    Regarding the encryption, precisely HTTPS ensures that there are no eavesdroppers between the client and the actual target, so the Proxy would act as initial target and then this would transparently intercept the connection.

    1. Client starts HTTPS session to Proxy
    2. Proxy intercepts and returns its certificate, signed by a CA trusted by the client.
    3. Proxy starts HTTPS session to Target
    4. Target returns its certificate, signed by a CA trusted by the Proxy.
    5. Proxy streams content, decrypt and re-encrypt with its certificate.

    Basically it's a concatenation of two HTTPS sessions, one between the client and the proxy and other between the proxy and the final destination.