Le dimanche 25 janvier 2004 à 21:22, John J Lee écrivait:
>
> > In fact, you can already use HTTP::Proxy to see inside a HTTPS connection:
> > set HTTPS_PROXY to point to your HTTP::Proxy proxy, use env_proxy
> > with your LWP::UA object. LWP::UA does a GET https://www.example.com/
> > to the proxy, which will fetch the data with SSL, and return it in a
> > plain (cleartext) HTTP session.
> [...]
>
> Any recommendations for a specific one?
Well, I was talking about my pet module, HTTP::Proxy. Version 0.12 on a
CPAN mirror near you. ;-)
> Hmm, do these proxies check certificates / revocation lists when they do
> that (not that I care, particularly -- just curious)? What happens when
> they fail, if so?
Well, does LWP::UA check the cert? No, but your program can have a look
at them. Which reminds me that HTTP::Proxy removes all Client-* headers
added by its own LWP::UA. Oops.
So I guess you cannot (yet) check those certificates in a HTTP::Proxy
filter (I suppose I'll fix this in next version, by adding a
client_headers() method).
--
Philippe "BooK" Bruhat
The best of intentions must still have directions.
(Moral from Groo The Wanderer #95 (Epic))
