You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by fa...@apache.org on 2015/01/01 14:56:40 UTC
svn commit: r1648846 - in /httpd/httpd/trunk/docs/manual/mod: mod_proxy.xml
mod_proxy_connect.xml
Author: fabien
Date: Thu Jan 1 13:56:40 2015
New Revision: 1648846
URL: http://svn.apache.org/r1648846
Log:
Add a hint about how CONNECT-method requests are filtered out by <Proxy>,
and how to enable them. I could not find this information easily.
In particular, the straightforward <Proxy https://www.example.com>... does
not allow CONNECT to the corresponding SSL server. Probably it would work
if a web client sent a "GET https://www.example.com/ HTTP/1.1" to the
proxy, but none would do that.
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml
httpd/httpd/trunk/docs/manual/mod/mod_proxy_connect.xml
Modified: httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml?rev=1648846&r1=1648845&r2=1648846&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml Thu Jan 1 13:56:40 2015
@@ -490,6 +490,18 @@ ProxyPass /examples http://backend.examp
</Proxy>
</highlight>
+ <p>The next example will allow web clients from the specified IP
+ addresses to issue <code>CONNECT</code> requests to access the
+ <code>https://www.example.com/</code> SSL server, if
+ <module>mod_proxy_connect</module> is enabled.
+ </p>
+
+ <highlight language="config">
+<Proxy www.example.com:443>
+ Require ip 192.168.0.0/16
+</Proxy>
+ </highlight>
+
<note><title>Differences from the Location configuration section</title>
<p>A backend URL matches the configuration section if it begins with the
the <var>wildcard-url</var> string, even if the last path segment in the
Modified: httpd/httpd/trunk/docs/manual/mod/mod_proxy_connect.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_proxy_connect.xml?rev=1648846&r1=1648845&r2=1648846&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_proxy_connect.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_proxy_connect.xml Thu Jan 1 13:56:40 2015
@@ -63,6 +63,19 @@
<dt>proxy-source-port</dt>
<dd>The local port used for the connection to the backend server.</dd>
</dl>
+
+ <p>CONNECT method requests are controlled by the
+ <directive module="mod_proxy">Proxy</directive> block
+ as any other HTTP request going through.
+ SSL connections through a proxy may be filtered explicitely
+ by specifying the target host and port, for instance:
+ </p>
+
+ <highlight language="config">
+<Proxy www.example.com:443>
+ Require ip 192.168.0.0/16
+</Proxy>
+ </highlight>
</section>
<directivesynopsis>