Re: CONNECT command with message body

On Wed, 6 May 2009, Adrien de Croy wrote:

> I think some of the wording of RFC2817 was contemplating HTTP being used 
> over the connection, which would explain some of the comments.  However I 
> don't know of any cases of this (raw HTTP over CONNECT, rather than over TLS 
> over CONNECT), and it's pretty much pointless since the normal proxy 
> semantics would achieve the same thing.  You therefore use CONNECT when you 
> want to use some protocol other than HTTP (e.g. SSL/TLS) over the 
> connection.

Pointless if the behavior is identical to everyone, yes.

I can think of many situations where you'd either just (A) CONNECT and send 
plain HTTP GET through, or the more complicated setup: (B) CONNECT, tunnel ssh 
over to a remote proxy, and then send HTTP GET over that tunnel, to avoid 
local proxy enforcements/filters/logs/prying eyes.

Of course I'm just blindly guessing here that proxies will treat the case (A) 
differently than a normal GET in such aspects. I know case (B) is widely used 



Received on Tuesday, 5 May 2009 12:38:26 UTC