开发可以处理 HTTPS 连接的代理 servlet
我开发了一个 Java servlet,它可以代理来自浏览器的 HTTP 请求。 我在代理 HTTPS 请求时遇到问题。
servlet 似乎没有从浏览器接收任何 HTTPS 请求。
经过进一步调查,我注意到 HTTP 请求似乎以简单的 GET 请求开始,而 HTTPS 请求以 CONNECT 请求开始,如下面的日志摘录所示:
"CONNECT ajax.googleapis.com:443 HTTP/1.1" 200
我的问题是,是否可以使用我的 servlet 处理此请求?
public class MyProxyServlet extends HttpServlet {
@Override
public void init(final ServletConfig config) throws ServletException {
super.init(config);
}
@Override
protected void doGet(final HttpServletRequest request,
final HttpServletResponse response) throws ServletException,
IOException {
}
@Override
protected void doPost(final HttpServletRequest request,
final HttpServletResponse response) throws ServletException,
IOException {
}
}
如果是的话,在哪里以及如何进行?
I've developed an Java servlet that can proxy HTTP requests from a browser.
I am having an issue proxying HTTPS requests.
The servlet doesn't appear to receive any HTTPS requests from the browser.
Upon investigating this further I noticed that HTTP requests seem to start with a simple GET request whereas the HTTPS requests start with a CONNECT request as shown by the log extract below:
"CONNECT ajax.googleapis.com:443 HTTP/1.1" 200
My question is, is it possible to handle this request using my servlet?
public class MyProxyServlet extends HttpServlet {
@Override
public void init(final ServletConfig config) throws ServletException {
super.init(config);
}
@Override
protected void doGet(final HttpServletRequest request,
final HttpServletResponse response) throws ServletException,
IOException {
}
@Override
protected void doPost(final HttpServletRequest request,
final HttpServletResponse response) throws ServletException,
IOException {
}
}
If so where and how?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
由于默认的
HttpServlet实现不处理 CONNECT 谓词,因此您必须重写javax.servlet.http.HttpServlet的Service方法> 在您的 servlet 中并自行处理CONNECT方法。原始实现似乎通过此resp.sendError(HttpServletResponse.SC_NOT_IMPLMENTED, errMsg);忽略了这一点。看一下HttpServlet源代码 http://www .docjar.com/html/api/javax/servlet/http/HttpServlet.java.htmlSince the CONNECT verb is not handled by the default
HttpServletimplementation, you will have to override theServicemethod of thejavax.servlet.http.HttpServletin your servlet and handle theCONNECTmethod yourself. The original implementation seems to ignore this with thisresp.sendError(HttpServletResponse.SC_NOT_IMPLEMENTED, errMsg);. Take a look at the HttpServlet source code http://www.docjar.com/html/api/javax/servlet/http/HttpServlet.java.html通常,HTTPS 握手和交换是由 servlet 容器与浏览器处理的。对于servlet来说,它不需要知道模式是什么。您必须在服务器配置中定义正确的连接器来侦听 HTTPS,并且无需在 Web 应用程序或 servlet 端执行任何额外操作。无论是通过 http:// 还是 https:// 访问,请求都将相同地到达 servlet。只需将服务器配置为接受 https://
Normally, the HTTPS handshake and exchange is handled by the servlet container with the browser. For a servlet, it doesn't need to know what the mode is. You have to define the proper connector in the server's configuration to listen to HTTPS and nothing extra needs to be done on the web application or servlet side. The request will come the same to the servlet whether it is accessed by http:// or https://. Only that the server needs to be configured to accept https://