4

I would like to implement and HTTP proxy server to get a deeper understanding of some of the finer points of the protocol and learn some socket programming along the way but I don't want to implement a full-blown HTTP server. What are the relevant RFC pages and sections in those pages that I should be focusing on if I just want to implement a proxy?

The plan is to start with a regular HTTP proxy and then potentially extend it to an HTTPS proxy.

Improve this question

3 Answers 3

Reset to default
3

You might also find the work of the HTTPbis group in the IETF helpful; we're re-writing the specs to make them more clear and easier to implement.

See http://trac.tools.ietf.org/wg/httpbis/trac/wiki for more information.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

3

I'm currently working on it too. The basic implementation is simple. Listen on a socket port, find the host, connect to remote server, send http header, recv from server, then send back to client. The difficult part is consistent connection and pipelining.

As to HTTPs, its header is like this:

CONNECT addons.mozilla.org:443 HTTP/1.1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0
Host: addons.mozilla.org

Proxy should connect to server, then reply to client a 200 message, then redirect back and forth as a redirector.

Check this: https://datatracker.ietf.org/doc/html/draft-luotonen-ssl-tunneling-03

Improve this answer

3 Comments

Using this info I tried to get SSL tunneling working in NodeJS with mixed results. I don't think I am catching the connects low enough and NodeJS default processing rules dont seem to support this protocol. See: github.com/pinf/pinf-proxy-js/issues/1
@strongwillow How are things like http cookies handled? Specifically, since the proxy is the client from the point of view of the remote server, do cookies get dropped on the proxy as well as on the calling client?
@Howiecamp There is no special treatment for Cookies, as it's just a normal HTTP header.
2

I would take a look at HTTP 1.0 (RFC 1945) and HTTP 1.1 (RFC 2616). You can also take a look at:

There are probably lots of example code that you can find with Google!

Improve this answer

1 Comment

RFC3986 obsoleted 2396 a while back. 822 was replaced by 2822, but I would NOT recommend looking at it (or 1521), as HTTP is not MIME; it is only MIME-like.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.