cURL / Mailing Lists / curl-library / Single Mail


Re: [PATCH] CURLOPT_PROXYHEADER: send/replace proxy headers only

From: Daniel Stenberg <>
Date: Fri, 7 Feb 2014 08:44:49 +0100 (CET)

On Thu, 6 Feb 2014, Maciej Puzio wrote:

> In my opinion, if someone manually sets proxy headers separate from headers
> intended for the end-server, then this use case is advanced enough that we
> can assume that the user had read the manual.

Ok, but what should the manual say about this case?

   "If you want to send a header to a proxy-only, you should use
    CURLOPT_PROXYHEADER if you're using HTTPS or are tunneling over a http
    proxy - otherwise use CURLOPT_HTTPHEADER" ?

It is really awkward.

Many applications use HTTP and HTTPS interchangably in the same application
and I think it would be unfortunate to push these applications into having to
set different options depending on which specific protocol they use. libcurl
is designed for that to a pretty high degree so far.

What if the documentation would instead say:

   "If CURLHEADER_SEPARATE is set, headers intended for a HTTP proxy must be
    set with the CURLOPT_PROXYHEADER option, be it intended for CONNECT or
    other request methods."

This is then clearly not an option that controls CONNECT headers only.

It has the big downside that libcurl will use different lists depending if a
proxy is used or not, and applications may go on/off on that as well. Not
really good either as applications are not always willing to care about them
using a proxy or not. Not a nice situation.

I think we need to change this feture slightly. Right now (when
CURLHEADER_SEPARATE is set) we're still only ever using one of the lists in
each request and I think that's the source of this problem.

I think we better start using _both_ lists in non-CONNECT requests, the
proxy-only list for CONNECT requests and the host-only list for non-proxy
requests. That will make this easier to document and probably make
applications have to care less about libcurl internals.

The documentation would possibly say something like this:

   "If CURLHEADER_SEPARATE is set, headers intended for a HTTP proxy must be
    set with the CURLOPT_PROXYHEADER option and headers intended for the remote
    host must be set with CURLOPT_HTTPHEADER."

If using normal HTTP with a proxy, both lists are used in the same single
request. If using HTTPS, they're used separately. If using HTTP(S) without a
proxy, the proxy list is not used at all.

Good/bad ?

List admin:
Received on 2014-02-07