Node.js - Communicating with just proxy server while making request over HTTPS

723 views Asked by At

I am sending https requests using a proxy server. I want to pass certain information back and forth with only the proxy server (not passed to the destination server). This can be done easily with request headers when doing HTTP requests, but for HTTPS requests the headers are encrypted so using request headers is not an option. My proxy server provides the following option when using HTTPS:

The only point at which unencrypted data is sent to the proxy server is with the initial CONNECT method. This is where you must insert the custom headers. Similarly, the proxy server cannot inject an extra header into the final response. Instead, the response header is injected immediately after the Connection response, which looks like this:

HTTP/1.1 200 Connection established
X-ProxyServer-IP: 123.456.789.000
final response headers & body

So the I need to pass headers with the CONNECT method, and read the CONNECT response. It seems that the https-proxy-agent module will allow specifying headers to be sent specifically with the CONNECT request. But how can I read the CONNECT response, while still completing the intended request (e.g. POST)?

I cannot figure out how to intercept the CONNECT response with either the request module or https module.

1

There are 1 answers

1
EMX On

I have tested https

const https = require('https');
process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0';
var server = https.createServer(function(req,res){res.end('test');}).listen(3000);

If you console.log(server._events)

{ connection: [ [Function], [Function] ],
  secureConnection: [ [Function: connectionListener], [Function] ],
  request: [Function],
  tlsClientError: [ [Function: addListener], [Function] ] }

So after adding the following :

server.on('connection',function(req,socket,head){console.log('CONNECT')})
server.on('secureConnection',function(req,socket,head){console.log('CONNECT (secure)')})
server.on('tlsClientError',function(req,socket,head){console.log('TLS:ERROR')})

I tested with : curl -X CONNECT localhost:3000

In this fast test the client output : curl: (52) Empty reply from server)

...but @ the server :

CONNECT
TLS:ERROR

As you can see its intercepting the CONNECT (even thou it has tls error due to testing env.),

So if you do this with your (working) setup you will be able of intercept it without the TLS:ERROR


For anyone that wants to do it with http , the event is different : server.on('connect', ...