Reputation: 303
Python proxy server that handles CONNECT requests
I'm trying to build a proxy that can handle both HTTP and HTTPS requests and it works fine for HTTP requests like GET and POST but for the CONNECT request I get no response from the web server.
This is a simpler version of my proxy that illustrates the problem.
import socket
IP = "0.0.0.0"
PORT = 1234
server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, True)
server_socket.bind((IP, PORT))
server_socket.listen()
while True:
conn, _ = server_socket.accept()
header_bytes, _ = conn.recv(1024).split(b"\r\n\r\n")
header_bytes += b"\r\n\r\n"
print("header: ", header_bytes)
for header in header_bytes.split(b"\r\n"):
key, value = header.split(b":", 1)
if key == b"Host":
if b":" not in value:
value += b":80"
break
addr, port = value.split(b":")
client_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
client_socket.connect((addr.decode("utf-8").replace(" ", ""), int(port.decode("utf-8"))))
client_socket.send(header_bytes)
response = client_socket.recv(1024)
print("response: ", response)
conn.send(response)
conn.close()
What I get out is
header: b'CONNECT www.google.com:443 HTTP/1.1\r\n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0\r\n
Proxy-Connection: keep-alive\r\n
Connection: keep-alive\r\n
Host: www.google.com:443\r\n\r\n'
response: b''
After reading some more about the CONNECT request I think I may have misunderstood how it is supposed to work but I still don't understand how I am to implement it. It says that I have to establish a tunnel to the web server but how do I do that if I get no response on my CONNECT request. Do I just send a 200 OK response and pretend I have a tunnel?
Upvotes: 0
Views: 914
Answers (1)
Reputation: 123320
A plain HTTP request (GET, POST, ...) gets forwarded to the server by the proxy (usually after rewriting the path to no longer be a full URL) and the response from the server is send back to the client. With CONNECT this is different though.
A CONNECT request is send only to from the client to the proxy. It is not forwarded to the server. Instead the proxy will establish a TCP connection to the server and after this was successful return a successful response to the client, i.e HTTP/1.0 200 .... In other words: the CONNECT request/response is only between client and proxy and the server sees nothing of this.
Once the TCP connection to the server has been established and the HTTP response send to the client all data from the client should be forwarded to the server and all data from the server should be forwarded to the client.
Upvotes: 1
Related Questions
- Python HTTPS Proxy Tunnelling
- Python socket server handle HTTPS request
- HTTPS proxy server python
- Creating an HTTPS proxy server in Python
- Python: HTTPS using a proxy server with requests
- Python httplib.HTTPSConnection with proxy
- Sockets Through proxy in python
- Using Proxies to Handle HTTPS Connection Requests
- How to proxy and log SSL traffic
- Python socket module: http proxy