Expand description
HTTP CONNECT forward proxy support.
When a client sends a CONNECT request, this handler connects to the target host:port and sets up a bidirectional tunnel between the client and target. This allows clients to proxy HTTPS and other TCP connections.
§HTTP/1.1 CONNECT
The standard flow: client sends CONNECT host:port HTTP/1.1, the server
responds with 200 Connection Established, and then the connection is
upgraded to a raw TCP tunnel via hyper::upgrade::on.
§HTTP/2 CONNECT (RFC 7540 §8.3 / RFC 8441 Extended CONNECT)
In HTTP/2, CONNECT is carried over a single H2 stream using the :method
pseudo-header. hyper routes HTTP/2 CONNECT requests through the same
Method::CONNECT code path so the method detection below works for both
versions.
However, HTTP/2 does not use the hyper::upgrade mechanism — the H2
stream itself is the tunnel. Raw per-stream byte access is not directly
exposed by hyper’s HTTP/2 server API, so full bidirectional tunneling over
HTTP/2 CONNECT (as defined by RFC 8441 Extended CONNECT) is not supported
at this time. HTTP/2 CONNECT requests will receive a 200 response but the
tunnel will not carry data; clients should fall back to HTTP/1.1 CONNECT
for tunneling.
Structs§
- Forward
Proxy - Forward proxy handler: supports HTTP CONNECT tunneling.