[jira] [Commented] (TS-1770) Unable to create remap rule for SSL sites when accessed as a forward proxy

[Mark Harrison (JIRA)]

    [ 
https://issues.apache.org/jira/browse/TS-1770?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13611305#comment-13611305
 ] 

Mark Harrison commented on TS-1770:
-----------------------------------

Possible solutions to this:

 * guess/assume a scheme if one isn't provided when looking up remap rules
 * allow specifying remap rules without a scheme
 * stop using remap.config as access control for ATS as a forward proxy

The first solution required the least code, and I've made a change here that 
demonstrates it: 
https://github.com/mivok/trafficserver/commit/83ae6fc9b49760b7372affd60722bc60f07f9dfb
                
> Unable to create remap rule for SSL sites when accessed as a forward proxy
> --------------------------------------------------------------------------
>
>                 Key: TS-1770
>                 URL: https://issues.apache.org/jira/browse/TS-1770
>             Project: Traffic Server
>          Issue Type: Bug
>          Components: HTTP
>            Reporter: Mark Harrison
>
> When connecting to https sites using ATS as a forward proxy, the CONNECT 
> method is used, and the URL doesn't have a scheme (http/https) present. When 
> using remap.config to limit which sites ATS will proxy for (remap_required 
> set to 1), there is no rule that can be made to match an a request without a 
> scheme present, and so no way to allow requests to a https site.
> Example:
> {code}
> # curl -x 127.0.0.1:8080 -o /dev/null -v -s https://example.com/
> * About to connect() to proxy 127.0.0.1 port 8080 (#0)
> *   Trying 127.0.0.1... connected
> * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
> * Establish HTTP proxy tunnel to example.com:443
> > CONNECT example.com:443 HTTP/1.1
> > Host: example.com:443
> > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 
> > NSS/3.13.1.0 zlib/1.2.3 libidn/1.18 libssh2/1.2.2
> > Proxy-Connection: Keep-Alive
> >
> < HTTP/1.1 404 Not Found
> < Date: Fri, 22 Mar 2013 21:41:25 GMT
> < Connection: close
> < Server: ATS/3.3.1-dev
> < Cache-Control: no-store
> < Content-Type: text/html; charset=utf-8
> < Content-Language: en
> < Content-Length: 309
> <
> * Received HTTP code 404 from proxy after CONNECT
> * Closing connection #0
> {code}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira