Curl CURLOPT_PROXY functionality

Question

I was wondering how the CURLOPT_PROXY option (as detailed here) for curl is implemented, specifically with respect to http?

What headers does this apply to the http message that will be sent? Does it also perform other requests, e.g. a handshake or anything of the sort?

Thanks!

Answer 1

HTTP

When curl uses a HTTP proxy to perform a HTTP transfer, it connects to the proxy instead of the remote server and it sends its request to the proxy, as if it has been the server (with only very minor differences):

1. The request URI is always absolute when done to a proxy. Ie the URI will contain the host name of the remote server.
2. Authentication headers are different for a proxy than for a server
3. curl asks for keep-alive explicitly (only for compliance with old stupid proxies still deployed in the wild)

If we run a proxy on localhost:80 and we want to download http://example.com via the proxy:

curl -x localhost:80 http://example.com

curl connects to localhost on TCP port 80 and sends the following request:

GET http://example.com/ HTTP/1.1
Host: example.com
User-Agent: curl/7.54.1
Accept: */*
Proxy-Connection: Keep-Alive

The proxy in turn will then send a HTTP request to the target server (example.com) that looks like this:

GET / HTTP/1.1
Host: example.com
User-Agent: curl/7.54.1
Accept: */*

(In my tests with using Apache as a proxy server, the proxy would also include a Connection: close header to the remote server, but that isn't necessarily what your proxy will send.)

Modern versions of curl allows a user to set custom headers separately if they should go to the proxy, to the server or to both.

HTTPS

If you instead ask for a HTTPS transfer over a HTTP proxy, curl will instead ask for a tunnel through the proxy with the CONNECT method, and once the tunnel is established to the remote server, curl will handshake TLS with the server and then issue the HTTP request over that TLS connection exactly the same way it would've done it if there had been no proxy involved.