Reputation: 41
HTTPS Web(only)Proxy
I just read over node-tls-proxy (http://code.google.com/p/node-tls-proxy/), a https proxy. I like the idea of it, but I'm not getting why this proxy needs a local http server (see the local-proxy.js script). So I was wondering if this is necessary? My idea of the proxy was actually like this: Client -> HTTPS Connection to trusted Server/Proxy -> Internets In this case network sniffing between the Client and the Server wouldn't (hardly) be possible because it would be ssl encrypted.
Thanks, Seb
Upvotes: 1
Views: 543
Answers (1)
Reputation: 39620
If I get the idea correctly, the goal is to set up a "remote" proxy in a location that one trusts to be secure. Your client shall only communicate with this remote proxy using TLS, the remote proxy is then allowed to do the actual (no longer encrypted) HTTP requests.
What you do on the client side now is this: you configure the "local" proxy in your browser. Since you type "http://..." in your browser even when using the proxy, your browser will initiate an unencrypted HTTP connection to the local proxy first. Then the local proxy will open an encrypted TLS connection to the remote proxy and forward your request over a secured channel.
This means you need the local proxy for the purpose of "transforming" HTTP into HTTPS requests because your browser will dutifully only use HTTP when asked to make an actual HTTP request.
Upvotes: 1
Related Questions
- How to proxy HTTPS via HTTP without CA or MITM?
- Tunnel over HTTPS
- TCP connection through a HTTPS proxy
- what is https and http tunnel methods in proxy?
- developing a proxy script
- HTTPS tunneling through my proxy
- SSL tunnel through proxy server
- Tunneling TLS inside another protocol
- HTTPS requests over open proxy servers
- SSL with proxy (https)