- From: Walter H. <Walter.H@mathemainzel.info>
- Date: Sun, 07 Aug 2016 20:54:22 +0200
- To: Kari hurtta <hurtta-ietf@elmme-mailer.org>
- CC: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
- Message-ID: <57A783DE.2050304@mathemainzel.info>
On 07.08.2016 19:50, Kari hurtta wrote: > https://lists.w3.org/Archives/Public/ietf-http-wg/2016JulSep/0390.html > >> configured proxies are not the bug; why not just simpy use plain HTML? >> >> your sample chould then just be this simple: >> >> HTTP/1.1 403 Forbidden >> Content-Type: text/html >> Cache-Control: no-cache >> >> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> >> <HTML> > Major browsers do not show this when they get > that on response of CONNECT -request. which in fact is caused by something different - my MITM proxy generates errors that are shown by my browser; and these errors are simple HTML a MITM proxy uses a certificate for signing sites ... e.g. the proxy uses a certificate called Proxy-CA, then for every site you want to go to there will be a created a SSL certificate which is signed by Proxy-CA; if the Proxy-CA was signed by a CA that is a built in token in the certstore of your browser or you have installed the Proxy-CA certificate in the certstore yourself, then your browser will show this simple HTML error page the proxy is sending; > Bug 637619 - Display better error messages when HTTPS proxy servers return non-200 error codes > https://bugzilla.mozilla.org/show_bug.cgi?id=637619 this is not really bug - it was filed at the times the browser (firefox) starts warning for invalid or self signed certificates ... with mnot's "solution" ths would be same; so where is the advantage of this?
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Sunday, 7 August 2016 18:57:08 UTC