I'm trying to write a home proxy server in C# and I have almost succeeded, but I have a problem handling HTTPS requests (CONNECT).

I don't really know how to handle this type of request.

In my studies I realized that for these requests we must connect the client to the target host directly.

Steps for these requests (as I have understood them):

  • Receive first request from client (CONNECT https://www.example.ltd:443 HTTP/1.1) and send that to target host
  • Send HTTP/1.1 200 Connection Established\r\n\r\n to client
  • Listen to both sockets (client and target host) and send whatever is received from each one to the other
  • Listen until one of the sockets is disconnected

Is this correct? If it is OK, how do I handle this in C#?

1 Answer

My understanding is that the

CONNECT www.example.com:443 HTTP/1.1

from the browser is asking you to establish a connection to example.com on port 443. Once this has been successfully achieved, you should THEN send the

HTTP/1.1 200 Connection established\r\n\r\n

string back to the browser. You do not send the CONNECT string to the server as I think you were doing. Also, this initial connection SHOULD NOT be encrypted.

From this point, the browser and end server will exchange data over the plain text connection which you must forward to the correct destination. To do this, the socket must remain open. However, the order of communication is not specified, so don't rely on the browser sending data followed by a response from the server. Either could send data at any point. They will first establish their own secure connection, then begin to do the usual HTTP requests.

Hope this helps.

References:

https://stackoverflow.com/a/24195792/1224132

https://datatracker.ietf.org/doc/html/draft-luotonen-ssl-tunneling-03

http://www.ietf.org/rfc/rfc2817.txt

Community
thetree
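One way to implement the flow the answer describes, as an added example that is not code from the question or the answer: connect to the target first, reply 200 only on success, never forward the CONNECT line, then relay both directions at once. The class and method names are hypothetical, `HandleAsync` is meant to be called from the proxy's existing accept loop, and the port 443 allow-list and the 8192-byte header limit are assumptions added so the proxy cannot be used to reach arbitrary internal ports or be fed an unbounded header.

```csharp
using System.IO;
using System.Net.Sockets;
using System.Text;
using System.Threading.Tasks;

static class ConnectTunnel // hypothetical names; call HandleAsync per accepted client
{
    // Accepts only the authority form "CONNECT host:port HTTP/1.1".
    static bool TryParseConnect(string line, out string host, out int port)
    {
        host = ""; port = 0;
        string[] p = line.Split(' ');
        int colon = p.Length == 3 && p[0] == "CONNECT" ? p[1].LastIndexOf(':') : -1;
        if (colon <= 0 || p[1].Contains("/")) return false;
        host = p[1].Substring(0, colon);
        return int.TryParse(p[1].Substring(colon + 1), out port);
    }
    // Reads byte by byte up to the blank line so no tunnel bytes are consumed.
    static async Task<string> ReadHeadAsync(Stream s, int max = 8192)
    {
        var head = new StringBuilder();
        var b = new byte[1];
        while (head.Length < max && await s.ReadAsync(b, 0, 1) == 1)
        {
            head.Append((char)b[0]);
            if (head.Length >= 4 && head.ToString(head.Length - 4, 4) == "\r\n\r\n") return head.ToString();
        }
        return null; // peer closed early or header too large
    }
    static Task SendAsync(Stream s, string t) => s.WriteAsync(Encoding.ASCII.GetBytes(t), 0, t.Length);

    public static async Task HandleAsync(TcpClient client)
    {
        using (client)
        using (var target = new TcpClient())
        {
            NetworkStream browser = client.GetStream();
            string line = (await ReadHeadAsync(browser))?.Split('\r')[0];
            // Assumption: tunnels are allowed to port 443 only.
            if (line == null || !TryParseConnect(line, out string host, out int port) || port != 443)
            { await SendAsync(browser, "HTTP/1.1 403 Forbidden\r\n\r\n"); return; }
            try { await target.ConnectAsync(host, port); } // connect to the target first
            catch (SocketException) { await SendAsync(browser, "HTTP/1.1 502 Bad Gateway\r\n\r\n"); return; }
            // Only now report success; the CONNECT line itself is never forwarded.
            await SendAsync(browser, "HTTP/1.1 200 Connection Established\r\n\r\n");
            NetworkStream server = target.GetStream();
            // Either side may speak first, so relay both directions concurrently.
            await Task.WhenAny(browser.CopyToAsync(server), server.CopyToAsync(browser));
        } // disposing both clients closes the sockets and stops the other copy
    }
}
```

The relayed bytes are the browser's TLS session with the target, so the proxy sees only ciphertext and should copy it unmodified.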