Do HTTP proxy servers modify request packets?

2019-01-22 08:49发布

问题:

Is any request header added or modified to the HTTP request before forwarding to the server by a proxy server?

If so, are the changes done to the same packets, or are the contents used to create new request packets with the modifications?

回答1:

There are a few different types of proxy servers. Because you've mentioned request headers, I'm going to assume that you're talking about HTTP proxy servers, which forward HTTP requests, not packets.

NOTE: In the special case of HTTPS requests (TLS/SSL via CONNECT), proxy servers will just forward the content of the TCP packets (and are unable to inspect the packets unless acting as a man-in-the-middle proxy).


Of course it depends on the proxy software and its configuration, but HTTP proxies are expected to follow the W3C Guidelines for Web Content Transformation Proxies, which states many things, but most relevantly:

  • Other than to convert between HEAD and GET proxies must not alter request methods.

  • If the request contains a Cache-Control: no-transform directive, proxies must not alter the request other than to comply with transparent HTTP behavior defined in RFC 2616 HTTP sections section 14.9.5 and section 13.5.2 and to add header fields as described in 4.1.6 Additional HTTP Header Fields.

  • Other than the modifications required by RFC 2616 HTTP proxies should not modify the values of header fields other than the User-Agent, Accept, Accept-Charset, Accept-Encoding, and Accept-Language header fields and must not delete header fields.

  • Proxies should add the IP address of the initiator of the request to the end of a comma separated list in an X-Forwarded-For HTTP header field.

  • Proxies must (in accordance with RFC 2616) include a Via HTTP header field.


In summary, you can generally expect these HTTP headers to be changed/added by a standards-compliant proxy:

  • User-Agent
  • Accept
  • Accept-Charset
  • Accept-Encoding
  • Accept-Language
  • X-Forwarded-For
  • Via