You are viewing a plain text version of this content. The canonical link for it is here.

Posted to github@trafficserver.apache.org by GitBox <gi...@apache.org> on 2021/10/31 01:19:37 UTC

[GitHub] [trafficserver] rottegift edited a comment on pull request #8465: Add some checking to validate the scheme matches the wire protocol.

rottegift edited a comment on pull request #8465:
URL: https://github.com/apache/trafficserver/pull/8465#issuecomment-955618607


   This breaks TLS connections to a forward proxy for http:// URLs from remote users:
   
   ```
   curl -v --proxy 'https://proxy.example.com:8081/' http://example.org/
   ```
   
   results in a 400 Bad Request.
   
   One can complicate with authentication and so on, but the idea is that the client can keep local prying eyes from seeing its http requests to the proxy.  
   
   If this is deliberate, and the intention is not to make it possible to override, then it should probably be documented.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org