HTTP代理协议梳理

HTTP代理协议

两种方式均在squid代理模式下抓取。

1.第一种,一般在直连服务端口时使用,比如指定80 或者8080 等非加密端口(如443)

抓包browser->squid:

GET http://xxx.cn/ HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Accept-Encoding: gzip, deflate
If-Modified-Since: Tue, 13 Jan 2015 13:49:51 GMT
Host: xxx.cn
Proxy-Connection: Keep-Alive

HTTP/1.0 304 Not Modified
Server: Tengine/1.3.0
Date: Thu, 14 Apr 2016 01:17:09 GMT
Last-Modified: Tue, 13 Jan 2015 13:49:51 GMT
X-Cache: MISS from localhost
X-Cache-Lookup: MISS from localhost:3128
Via: 1.0 localhost (squid/3.1.19)
Connection: keep-alive

 

squid->server

GET / HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Language: zh-CN
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Accept-Encoding: gzip, deflate
If-Modified-Since: Tue, 13 Jan 2015 13:49:51 GMT
Host: xxx.cn
Via: 1.1 localhost (squid/3.1.19)
X-Forwarded-For: 192.168.100.177
Cache-Control: max-age=259200
Connection: keep-alive

HTTP/1.1 304 Not Modified
Server: Tengine/1.3.0
Date: Wed, 20 Apr 2016 02:07:31 GMT
Last-Modified: Tue, 13 Jan 2015 13:49:51 GMT
Connection: keep-alive

 

GET请求中发现 GET http://xxx.cn/ HTTP/1.1 填写的是完整域名+URI  并且Head中的Connection 变成了Proxy-Connection,在此之外没有其他改变。 另squid增加了Via 和X-Forwarded-For的部分额外的头 。squid将消息修改为正常请求的HTTP并发送出去返回结果原封不动返回给browser。

总结:

1.GET或者POST 完成服务路径不在是相对uri

2.Connection变成链接Proxy-Connection

 

2.第二种,使用HTTP CONNECT 方法,比如链接443端口

CONNECT www.baidu.com:443 HTTP/1.1
Host: www.baidu.com:443
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.82 Safari/537.36

HTTP/1.0 200 Connection established

...........!..^7..9..,.]....z...v.
....X... ^"............A....;9-....K0.......+./.......
...9.....3...5./.
.................
www.baidu.com.....#..
A
N9p.U...y........X..r.s..ha[.h%...96*.s.....8Y..UE.~:#..3.<@"..'.S.|.T....,....Go.K..p....E....6......k.;Z;..k...h....y.^.h.*|y.J.9.W/r.......LV.....%.......G.hN......J(.r.@.
.................................3t.............h2.spdy/3.1.http/1.1uP.........
...........d........................................................................................................`...\...5N...
....3.P.-..........8x.... ^"............A....;9-....K0...../...............http/1.1..........(
....9..| .Ku..y.*...Z.L/.#;..d.....9..^..........(........(....W1.M^%8%.......<zN....CG...

 

HTTP CONNECT方法是http提供的专门用与代理链接的方法。

browser 使用CONNECT方法 发送消息给代理服务器,

CONNECT www.baidu.com:443 HTTP/1.1
Host: www.baidu.com:443
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.82 Safari/537.36

LRLF

代理服务器链接成功返回

HTTP/1.0 200 Connection established

LRLF

 

之后直接相当于tcp链接透传消息。

 

以上为HTTP代理的两种代理方式。

posted @ 2016-04-20 11:17  但说无妨  阅读(2120)  评论(0编辑  收藏  举报