> On Mar 8, 2017, at 2:48 AM, salil GK <[email protected]> wrote: > > Basically while analysing the traffic, what I observed is when I access http > site the header http header coming as > > ^MHTTPMSG:^M|GET http://10.106.251.95/ HTTP/1.1^MHost: > 10.106.251.95^MUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; > rv:51.0) Gecko/20100101 Firefox/51.0^MAccept: > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8^MAccept-Language: > en-US,en;q=0.5^MAccept-Encoding: gzip^MCookie:<CONCEALED>^MConnection: > keep-alive^MUpgrade-Insecure-Requests: 1^M^M|^M > > > > where as for https access the http header comes as > > ^MHTTPMSG:^M|CONNECT 10.106.251.95:443 HTTP/1.1^MUser-Agent: Mozilla/5.0 > (Macintosh; Intel Mac OS X 10.10; rv:51.0) Gecko/20100101 > Firefox/51.0^MProxy-Connection: keep-alive^MConnection: keep-alive^MHost: > 10.106.251.95:443^M^M|^M > > and servers return > Msg="HTTP/1.1 403 Access Denied" > > back to browser > > How do I configure ATS to pass https request to the origin server ?
This is a user agent behavior. When user agents make a HTTPS request through a proxy they will use the CONNECT method to establish an end-to-end secure tunnel to the origin. > > Thanks in advance > ~S > > On 8 March 2017 at 14:40, salil GK <[email protected]> wrote: > Hello > > We were trying to set up a forward proxy. I have my remap entry as below. > > > > >> > > regex_map http://(.{3,1023})/ http://$1/ > @plugin=ts_httpallow_remap_plugin.so > @pparam=/etc/trafficserver/etc/httpallowlist.txt @pparam=forwardproxy > > << > > > > Httpallow_remap_plugin is used for filtering the origin server. > > If I access an external http site using this server a proxy, every thing > works. > > > > >> > > regex_map https://(.{3,1023})/ https://$1/ > @plugin=ts_httpallow_remap_plugin.so > @pparam=/etc/trafficserver/etc/httpallowlist.txt @pparam=forwardproxy > > << > > > > > When I access an https site using this server as my proxy server, it doesn’t > work. Also the control doesn’t reach httpallow_remap_plugin also. It always > shows access denied. > > > > What could be the problem ? > > > > Thanks in advance > > ~S > >
