Uzbl

Tasklist

FS#77 - SSL connections through a proxy server may fail

Attached to Project: Uzbl
Opened by Cedric Staub (csstaub) - 2009-07-23 11:04:06 AM
Last edited by Ben Boeckel (mathstuf) - 2011-04-14 04:15:40 AM
Task Type Bug Report
Category uzbl-core
Status New
Assigned To No-one
Operating System All
Severity Medium
Priority Normal
Reported Version Development
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 0
Private No

Details

When using a proxy server like Privoxy or Squid, some SSL-enabled pages
do not seem to work correctly. For example, accessing my DD-WRT router's
webinterface through HTTPS always yields a "Malformed request" error.
Without a proxy, it works perfectly. Other pages that don't work for me are
Rapidshare, Gmail (if you enable HTTPS-only in the settings), my bank,
and some of my university's webpages.

They all yield different errors though, DD-WRT tells me "Malformed request",
Rapidshare tells me "File not found", Gmail tells me "Internal error", ...
I have only been able to reproduce these errors using uzbl together with
a proxy. I tried both Privoxy and Squid (in transparent mode). All other
browsers do not seem to have that problem.

First, I wanted to try to debug the problem using http_debug, but I was not able
to find anything suspicious. The requests uzbl sends look OK to me, yet it doesn't
work. I also tried setting up my own HTTPS server on a different machine on the
network, but I was not able to reproduce any errors. Likewise, most HTTPS
pages out there seem to work ok: Logging in to GMail through HTTPS for example
works, just the interface itsself doesn't.

Tested against latest dieter/experimental.
This task depends upon

Comment by Cedric Staub (csstaub) - 2009-07-23 11:11:48 AM
I can consistently reproduce the problem by going to http://ssl.rapidshare.com/cgi-bin/premiumzone.cgi

Logfile without privoxy:
https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi
> GET /cgi-bin/premiumzone.cgi HTTP/1.1
> Soup-Debug-Timestamp: 1248347245
> Soup-Debug: SoupSessionAsync 1 (0x9d85e0), SoupMessage 1 (0xa1b960), SoupSocket 1 (0xa880d0)
> Host: ssl.rapidshare.com
> Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
> Accept-Encoding: identity
> User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.9.1) Gecko/20090624 Firefox/3.5

> GET /img2/styles.css HTTP/1.1
> Soup-Debug-Timestamp: 1248347246
> Soup-Debug: SoupSessionAsync 1 (0x9d85e0), SoupMessage 2 (0xa1bb70), SoupSocket 2 (0xa88350)
> Host: ssl.rapidshare.com
> Accept: text/css,*/*;q=0.1
> Referer: https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi
> Accept-Encoding: identity
> User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.9.1) Gecko/20090624 Firefox/3.5

< HTTP/1.1 200 OK
< Soup-Debug-Timestamp: 1248347246
< Soup-Debug: SoupMessage 1 (0xa1b960)
< P3P: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR STP UNI NAV STA PRE"
< Date: Thu, 23 Jul 2009 11:07:51 GMT
< Connection: close
< Accept-Ranges: bytes
< Content-Type: text/html; charset=ISO-8859-1
< Cache-Control: no-cache
< Set-Cookie: ...
< Content-Length: 70521

Logfile with privoxy:
https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi
https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi
> CONNECT ssl.rapidshare.com:443 HTTP/1.1
> Soup-Debug-Timestamp: 1248347188
> Soup-Debug: SoupSessionAsync 1 (0x1dd45e0), SoupMessage 1 (0x1e17ac0), SoupSocket 1 (0x1e840d0)
> Host: ssl.rapidshare.com
> User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.9.1) Gecko/20090624 Firefox/3.5

< HTTP/1.0 200 Connection established
< Soup-Debug-Timestamp: 1248347188
< Soup-Debug: SoupMessage 1 (0x1e17ac0)
< Proxy-Agent: Privoxy/3.0.12

> GET /cgi-bin/premiumzone.cgi HTTP/1.1
> Soup-Debug-Timestamp: 1248347188
> Soup-Debug: SoupSessionAsync 1 (0x1dd45e0), SoupMessage 2 (0x1e17960), SoupSocket 1 (0x1e840d0)
> Host: ssl.rapidshare.com
> Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
> Accept-Encoding: identity
> User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-GB; rv:1.9.1) Gecko/20090624 Firefox/3.5

< HTTP/1.1 404 Not Found
< Soup-Debug-Timestamp: 1248347189
< Soup-Debug: SoupMessage 2 (0x1e17960)
< P3P: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa TELa OUR STP UNI NAV STA PRE"
< Date: Thu, 23 Jul 2009 11:06:54 GMT
< Connection: close
< Accept-Ranges: bytes
< Content-Type: text/html; charset=ISO-8859-1
< Cache-Control: no-cache
< Content-Length: 13

(Btw, it happens no matter which useragent I use)
Comment by Wickersheimer Jeremy (jwickers) - 2009-09-18 06:40:13 AM
Ha, so that's the problem with GMail, well disabling https on it at least makes it work again.

Hope this gets fixed at some point though.
Comment by Kio M. Smallwood (Sekenre) - 2009-09-18 03:18:52 PM
I can confirm this when logging in to a Juniper Networks VPN gateway with Privoxy, the page does not load at all.
Comment by Ben Boeckel (mathstuf) - 2011-04-14 04:15:40 AM
  • Field changed: Status (Unconfirmed → New)
Still occurs for me at the rapidshare example (although gmail works now).

Loading...