I am looking at testing a connection using curl and connect only. The issue i have is when looking for a response the documentation states I must use HTTP CONNECT CODE. When I look at the response it is stating 0, not 200 or 304 as I would expect.
Why is curl doing this?
Is connect only to be used only when using proxies?
CURL's connect-only feature is for when you are connecting through proxies to test connection settings.
This is from the curl documentation :
CONNECT_ONLY tells the library to perform all the required proxy
authentication and connection setup, but no data transfer. This option
is implemented for HTTP, SMTP and POP3
Related
Strange thing - I have host API on localhost it works proper (via browser). It's a part of bigger project.
I use Postman for testing endpoints, and when I make request via localhost or 127:
-https://localhost:7257/esp32
-https://127.0.0.1:7257/esp32
Postman gives me Status 200 OK and fine data from API, but if I send request via my IP adress:
-https://192.168.8.xxx:7257/esp32 then I see error like this: Error: connect ECONNREFUSED 192.168.8.xxx:7257
What does it cause? Is it correct or no?
Ok, I need to host my application on the outside.
I cannot find this information anywhere, since all questions are library specific or are about forcing use of HTTP/2.
Is it possible to set (force) the HTTP version to HTTP/1.1 via headers when connecting to a server using HTTPS?
I have read that servers set the HTTP version to HTTP/2 by default when using HTTPS, but that HTTPS does not necessarily depend on HTTP/2.
I ask because I am connecting to an end server that uses HTTPS but the server only supports HTTP/1.1 (possibly connecting via an intermediary server that supports HTTP/2).
I know you can force curl to use HTTP1.1 using a flag but I am not sure if curl sets something in the headers or does something at a lower level.
--http1.1
I can access the end server successfully using curl when using the --http1.1 flag. Without the flag, the request fails.
Ideally, I want to use other solutions other than curl to connect to the end server.
I want to connect to a https server using python requests library through a proxy. The code roughly looks like
response = requests.get(SERVER_ENDPOINT, proxies=PROXIES, cert=??)
My problem is, both server and proxy requires client authentication, and unfortunately different CA is used to authenticate server and proxy. Is there a way to pass two CAs when making a request? The documentation doesn't seem to be very clear on this scenario.
Any help is greatly appreciated:)
Method Tried:
Tried the method as suggested in another link Python requests - how to add multiple own certificates, and bundle certs and keys into separate pem files using the code below:
response = requests.get(SERVER_ENDPOINT, proxies=PROXIES, cert=(CERT_BUNDLE, KEY_BUNDLE))
It seems that only the 1st cert and key is used, so I am able to pass client auth at proxy server, but failed auth at destination server.
I am setting the proxy on windows using the below command :
set http_proxy=http://user:password#proxy.domain.com:port
set https_proxy=https://user:password#proxy.domain.com:port
How can I verify if it has been set correctly?
There is a method using packet capture. Like wireshark.
First
It can be distinguished by port number.
In general, HTTP used port 80.
However, if you use a different port for your proxy configuration, you can distinguish is as a port number.
Two
It can be distinguished by HTTP request header.
A request URL using HTTP proxy include full URI. like GET http://www.kangmj37.com HTTP/1.1
A request METHOD using HTTPS proxy using CONNECT. like CONNECT www.kangmj37.com:443 HTTP/1.1. See RFC https://www.rfc-editor.org/rfc/rfc7231#section-4.3.6
4.3.6. CONNECT
CONNECT is intended only for use in requests to a proxy.
I'm trying to reproduce an odd bug that we believe may be caused by our load balancers trying to check the status of our services, with requests using HTTP/0.9. The service is only configured to use HTTPS, so they are being sent as HTTP/0.9 over HTTPS.
I could use use telnet to send a HTTP/0.9 request, but we have to use HTTPS so that doesn't work. My usual go-to tool for this kind of thing is cURL, but it doesn't look like cURL supports sending 0.9 requests (for good reasons, I know).
What could I use to generate a HTTP/0.9 GET request over HTTPS?
You could use openssl. First establish the SSL connection:
$ openssl s_client -crlf -connect ip:port
CONNECTED
...
lots of output, certificate etc
And then send the request
GET /
[empty line]