c**t
发帖数: 2744 | 1 While HTTP tunnel is used (CONNECT verbs, over SSL), will the request header
have cookie? or the entire HTTP stream are encoded in the data? | z**r
发帖数: 17771 | 2 what do you mean by HTTP tunnel? you mean SSL based VPN?
header
【在 c**t 的大作中提到】
: While HTTP tunnel is used (CONNECT verbs, over SSL), will the request header
: have cookie? or the entire HTTP stream are encoded in the data?
| c**t
发帖数: 2744 | 3 我指的是reverse proxy over ssl. 用了网络sniffer, 看不出来数据包内有无cookie.
★ 发自iPhone App: ChineseWeb 7.3
【在 z**r 的大作中提到】
: what do you mean by HTTP tunnel? you mean SSL based VPN?
:
: header
| a**********k
发帖数: 1953 | 4 The protocol stack is like this:
HTTP over SSL/TLS over TCP.
so any HTTP request headers, including that of cookie, are encrypted.
If the reverse proxy is SSL terminated, you may sniffer packets
at its connection to the HTTP server side to get the info.
Hope that helps.
cookie.
【在 c**t 的大作中提到】
: 我指的是reverse proxy over ssl. 用了网络sniffer, 看不出来数据包内有无cookie.
:
: ★ 发自iPhone App: ChineseWeb 7.3
| c**t
发帖数: 2744 | 5 After more googling, I found:
Tunnel encrypts the header and payload of each packet.
I had the capatured packets (by wireshark), they are all encrypted, question
now becomes how to decrypt. I have the device (iPad, iPhone).
【在 a**********k 的大作中提到】
: The protocol stack is like this:
: HTTP over SSL/TLS over TCP.
: so any HTTP request headers, including that of cookie, are encrypted.
: If the reverse proxy is SSL terminated, you may sniffer packets
: at its connection to the HTTP server side to get the info.
: Hope that helps.
:
: cookie.
|
|
