PHP Classes

HTTP/1.1 : CONNECT method

Recommend this page to a friend!

      PHP HTTP protocol client  >  All threads  >  HTTP/1.1 : CONNECT method  >  (Un) Subscribe thread alerts  
Subject:HTTP/1.1 : CONNECT method
Summary:how to ?
Messages:7
Author:vMyth
Date:2008-02-24 13:33:21
Update:2008-02-26 18:42:02
 

  1. HTTP/1.1 : CONNECT method   Reply   Report abuse  
Picture of vMyth vMyth - 2008-02-24 13:33:21
w3.org/Protocols/rfc2616/rfc2616-se ...

CONNECT www.google.com:80 HTTP/1.0
Host: www.google.com:80

According to the RFC document, the method name CONNECT for use with a proxy that can dynamically switch to being a tunnel. Can you tell me is there anyway to implement it with the class ? Thank you very much.

  2. Re: HTTP/1.1 : CONNECT method   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2008-02-24 19:32:28 - In reply to message 1 from vMyth
When you set your connection to use a proxy to access SSL resources, it uses already HTTP CONNECT method.

  3. Re: HTTP/1.1 : CONNECT method   Reply   Report abuse  
Picture of vMyth vMyth - 2008-02-25 05:29:55 - In reply to message 2 from Manuel Lemos
That mean if I connect to HTTPS site but the proxy doesn't support CONNECT method so it will return an error ?

  4. Re: HTTP/1.1 : CONNECT method   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2008-02-25 06:25:57 - In reply to message 3 from vMyth
No, that means that if you access a site with SSL (HTTPS) via a proxy, the class will automatically use the CONNECT method. Non-SSL requests are forwarded to the proxy like any normal proxy request, thus without using CONNECT.

  5. Re: HTTP/1.1 : CONNECT method   Reply   Report abuse  
Picture of vMyth vMyth - 2008-02-25 09:29:40 - In reply to message 4 from Manuel Lemos
Oh I see, but what if the proxy doesn't support SSL-requests ?

  6. Re: HTTP/1.1 : CONNECT method   Reply   Report abuse  
Picture of vMyth vMyth - 2008-02-26 10:59:46 - In reply to message 4 from Manuel Lemos
I see. Thank you very much for your help :)

  7. Re: HTTP/1.1 : CONNECT method   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2008-02-26 18:42:02 - In reply to message 5 from vMyth
The right way to support SSL requests is handling the connect method.

If a proxy handles accesses SSL requests as regular non-SSL requests, all the traffic between the client and the proxy can be sniffed, so it is not a secure solution. That is why the CONNECT method exists.

If a proxy does not support the CONNECT method, do not use it. It may be used to steal secret information exchanged between the client and the server.