> I’d like to share a few thoughts regarding this update to [1].
I've rephrased "polipo is obsolete" to "polipo is no longer maintained". >> Since then, the web has changed, and HTTP proxies are no longer useful: >> most traffic is encrypted, and a web proxy merely acts as a dumb >> intermediary for encrypted traffic. > I guess it’s possible to use ‘sslstrip’ as the parent proxy to > Polipo to overcome this issue. MITM the SSL in the proxy? SSL is designed to be end-to-end, by MITM-ing it you're breaking browsers' expectations -- stuff will break, I promise. > Also to note is that Tor “hidden services” – and that includes > HTTP servers – virtually never rely on TLS, as Tor already > provides encryption and remote identity checking. Right. >> • if you need your HTTP traffic to originate from a remote IP >> address, use a VPN or a SOCKS5 proxy; > I know of no easy way to route HTTP(S) traffic originating from > different user agent processes via different VPNs (some of the > command-line HTTP clients aside.) Yeah, it's tricky. "ip[6]tables -m owner --gid-owner", and sg the user-agent. Or perhaps "ip[6]tables -m cgroup". > Also, SOCKS5 support in Web user agents seems a tad uncommon. (I > don’t see it implemented in GNU Wget, for example.) Use curl? >> • if you need HTTP/1.1 pipelining, you're out of luck. The official >> answer is "use HTTP/2 instead", > Where is that stated? That's what I was told when I complained about lack of pipelining in Go's HTTP library. I've rephrased the page. >> but HTTP/2 will remain only moderately useful until it has good >> support for either unencrypted connections or opportunistic >> encryption. > Given the general lack of interest in supporting non-TLS HTTP/2, > I’d say that HTTP/1.1-only caching proxies will still be > relevant for the foreseeable future. Agreed. Ivan, while *I* am not going to work on Polipo any more, the code is still available -- I'd be thrilled to see somebody take it over. -- Juliusz ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi _______________________________________________ Polipo-users mailing list Polipo-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/polipo-users
