Re: HTTP traffic? (use LWP::Debug qw(conns); not working)
Le dimanche 25 janvier 2004 à 15:46, John J Lee écrivait: BTW, anybody have any tips on software / usage thereof for HTTPS proxying, for debugging purposes, and how to set up with LWP? I've always used browser plugins or debugging output from (Python) code until now. Well, in June 2004, I suppose HTTP::Proxy will support working in a man in middle manner, so this kind of thing should be quite easy to do. (I have yet to understand how to use Net::SSLeay, though.) In fact, you can already use HTTP::Proxy to see inside a HTTPS connection: set HTTPS_PROXY to point to your HTTP::Proxy proxy, use env_proxy with your LWP::UA object. LWP::UA does a GET https://www.example.com/ to the proxy, which will fetch the data with SSL, and return it in a plain (cleartext) HTTP session. So that you don't have to change your debugging habits when asking for https URLs. -- Philippe BooK Bruhat Did I err? (Groo, in too many issues to count - ...and *YES* he did!)
Re: HTTP traffic? (use LWP::Debug qw(conns); not working)
On Sun, 25 Jan 2004, Philippe 'BooK' Bruhat wrote: Le dimanche 25 janvier 2004 à 15:46, John J Lee écrivait: BTW, anybody have any tips on software / usage thereof for HTTPS proxying, for debugging purposes, and how to set up with LWP? I've always used browser plugins or debugging output from (Python) code until now. Well, in June 2004, I suppose HTTP::Proxy will support working in a man in middle manner, so this kind of thing should be quite easy to do. Whoops -- I scanned that thread, then forgot about it ;-) Thanks. (I have yet to understand how to use Net::SSLeay, though.) Worked out of the box for me (I'm running somebody else's code, though). In fact, you can already use HTTP::Proxy to see inside a HTTPS connection: set HTTPS_PROXY to point to your HTTP::Proxy proxy, use env_proxy with your LWP::UA object. LWP::UA does a GET https://www.example.com/ to the proxy, which will fetch the data with SSL, and return it in a plain (cleartext) HTTP session. [...] Any recommendations for a specific one? Hmm, do these proxies check certificates / revocation lists when they do that (not that I care, particularly -- just curious)? What happens when they fail, if so? John
Re: HTTP traffic? (use LWP::Debug qw(conns); not working)
Le dimanche 25 janvier 2004 à 21:22, John J Lee écrivait: In fact, you can already use HTTP::Proxy to see inside a HTTPS connection: set HTTPS_PROXY to point to your HTTP::Proxy proxy, use env_proxy with your LWP::UA object. LWP::UA does a GET https://www.example.com/ to the proxy, which will fetch the data with SSL, and return it in a plain (cleartext) HTTP session. [...] Any recommendations for a specific one? Well, I was talking about my pet module, HTTP::Proxy. Version 0.12 on a CPAN mirror near you. ;-) Hmm, do these proxies check certificates / revocation lists when they do that (not that I care, particularly -- just curious)? What happens when they fail, if so? Well, does LWP::UA check the cert? No, but your program can have a look at them. Which reminds me that HTTP::Proxy removes all Client-* headers added by its own LWP::UA. Oops. So I guess you cannot (yet) check those certificates in a HTTP::Proxy filter (I suppose I'll fix this in next version, by adding a client_headers() method). -- Philippe BooK Bruhat The best of intentions must still have directions. (Moral from Groo The Wanderer #95 (Epic))
Re: HTTP traffic? (use LWP::Debug qw(conns); not working)
On Sun, 25 Jan 2004, Philippe 'BooK' Bruhat wrote: Le dimanche 25 janvier 2004 à 21:22, John J Lee écrivait: In fact, you can already use HTTP::Proxy to see inside a HTTPS connection: [...] Any recommendations for a specific one? Well, I was talking about my pet module, HTTP::Proxy. Version 0.12 on a CPAN mirror near you. ;-) [...] Gah, sorry, not reading carefully again, am I? Thanks. John
