Neil Harris wrote:
How about doing SSL via a non-standard port, which
will miss the proxies
_if_ the transparent proxying simply uses packet filtering at the
network side to detect proxyable traffic?
For example:
https://en.wikipedia.org:32//w/index.php?title=Example article&action=submit
(32 being an officially unassigned port number)
How about we worry about that when we actually see such a case?
Come to that, if they're just packet-filtering off
the proxyable
traffic, we may not even need to bother with the https: -- just use a
non-standard port number for _all_ form submissions from AOL members,
and set a cookie with that address so they can see their messages.
I tried that already, I sent an AOL user to my webserver on port 81, the request came via
the proxy.
I assume traffic is marked proxyable by the AOL client. Either that or 81 is filtered in
the same
way as 80, I didn't try it with a random port.
Of course, we can theorize forever about what
AOL's network does or does
not do... some actual experiments would be likely to find out what the
actual state of affairs is.
I seem to be ahead of you here. SSL works, HTTP port 81 doesn't.
Incidentally, if you go to
https://en.wikipedia.org/,
you get a slightly
surprising result...
Connection refused? Is that surprising?
-- Tim Starling