Le dimanche 25 janvier 2004 à 21:22, John J Lee écrivait: > > > In fact, you can already use HTTP::Proxy to see inside a HTTPS connection: > > set HTTPS_PROXY to point to your HTTP::Proxy proxy, use env_proxy > > with your LWP::UA object. LWP::UA does a GET https://www.example.com/ > > to the proxy, which will fetch the data with SSL, and return it in a > > plain (cleartext) HTTP session. > [...] > > Any recommendations for a specific one?
Well, I was talking about my pet module, HTTP::Proxy. Version 0.12 on a CPAN mirror near you. ;-) > Hmm, do these proxies check certificates / revocation lists when they do > that (not that I care, particularly -- just curious)? What happens when > they fail, if so? Well, does LWP::UA check the cert? No, but your program can have a look at them. Which reminds me that HTTP::Proxy removes all Client-* headers added by its own LWP::UA. Oops. So I guess you cannot (yet) check those certificates in a HTTP::Proxy filter (I suppose I'll fix this in next version, by adding a client_headers() method). -- Philippe "BooK" Bruhat The best of intentions must still have directions. (Moral from Groo The Wanderer #95 (Epic))