简体繁体 English

HTTP代理服务器保持活动连接支持

[英]HTTP Proxy Server keep-alive connection support

原文 2016-11-26 23:48:14 7 2 c/ sockets/ http/ firefox/ proxy

I am currently working on a multi threaded proxy server that supports keep-alive connections. 我目前正在开发一种支持保持活动连接的多线程代理服务器。 I see some weird issues while handling requests from firefox browser. 在处理来自Firefox浏览器的请求时，我看到一些奇怪的问题。 I connect to my local proxy using localhost:10001/ http://url , and I can access all the links on this host. 我使用localhost：10001 / http：// url连接到本地代理，并且可以访问该主机上的所有链接。 The process is as below. 过程如下。 1. Create a socket bind it to port 10001 2. Accept connections and if a client is connected fork() 3. Keep on processing the client request as persistent connection. 1.创建一个套接字，将其绑定到端口10001。2.接受连接，如果客户端已连接，则fork（）3.继续将客户端请求作为持久连接进行处理。

Now the problem is that when I open a new tab in firefox to access a second url with different host with using localhost:10001/ http://url2 , the strange thing is that that request goes to my client socket connection created during first connection. 现在的问题是，当我在Firefox中打开新标签页以使用localhost：10001 / http：// url2访问具有不同主机的第二个url时，奇怪的是，该请求转到了第一次连接期间创建的客户端套接字连接。 I initially thought that it might be due to my code, but then i tried to do the same using telnet and all the new connections would create a separate process. 我最初以为这可能是由于我的代码造成的，但是后来我尝试使用telnet进行相同的操作，所有新连接都会创建一个单独的进程。 Are there any specific settings that is making firefox browser do this?? 是否有使Firefox浏览器执行此操作的任何特定设置？

2 个解决方案

HTTP keep-alive is a way to reuse an underlying TCP connection for multiple requests so that one can skip the overhead of creating a new TCP connection all the time. HTTP保持活动是一种将基础TCP连接重用于多个请求的方法，因此，人们可以一直跳过创建新TCP连接的开销。 Since the target of the connection is the same all the time in your case it makes sense for the browser to reuse the same TCP connection. 由于连接的目标始终是相同的，因此对于浏览器来说，重用同一TCP连接是有意义的。 The comparison with telnet is flawed since with telnet you do a new TCP connection all the time. 与telnet的比较存在缺陷，因为使用telnet时常会建立新的TCP连接。

If HTTP keep-alive gets used is specified by the HTTP version the Connection header and on the behavior of both server and client. 如果HTTP版本指定使用HTTP keep-alive，则Connection标头以及服务器和客户端的行为。 Both server and client can decide to close the idle connection any time after a request was done, ie they are not required to keep it open after the request is done. 服务器和客户端都可以在请求完成后的任何时间决定关闭空闲连接，即，不需要在请求完成后使其保持打开状态。 Additionally they can signal that they like to have the connection open by using the Connection: keep-alive HTTP header or that they like to close after the request with Connection: close . 另外，他们可以使用Connection: keep-alive HTTP标头来表示Connection: keep-alive打开Connection: keep-alive或者在请求Connection: close之后希望关闭Connection: close 。 These headers have default values depending on the HTTP version, ie keep-alive is on with HTTP/1.1 while off with HTTP/1.0 unless explicitly specified. 这些标头具有默认值，具体取决于HTTP版本，即除非明确指定，否则keep-alive在HTTP / 1.1上打开，而在HTTP / 1.0上关闭。

Apart from that the "proxy" you are implementing with the use of URL's like http://proxy/real-url is not a real HTTP proxy. 除了使用URL之类的http://proxy/real-url实现的“代理”之外，它不是真正的HTTP代理。 A real HTTP proxy would be configured as a proxy inside the browser and the URL's you use would stay the same which also means that no URL rewriting would need to be done by the proxy. 实际的HTTP代理将配置为浏览器内的代理，并且您使用的URL将保持不变，这也意味着代理不需要进行URL重写。 Worse is that your idea of a proxy effectively merges all hosts inside the same origin (ie origin is the proxy) and thus effectively disables a major security concept of the browser: the same-origin policy . 更糟糕的是，您对代理的想法有效地合并了同一来源内的所有主机（即来源是代理），从而有效地禁用了浏览器的主要安全概念：同源策略。 This means for example that some rogue advertisement server would share with your implementation the origin with ebay and thus could get access to the ebay cookies and hijack the session and misuse it for identity theft 例如，这意味着某些流氓广告服务器将与您的实现共享ebay的来源，从而可以访问ebay cookie并劫持会话并将其误用于身份盗用

HTTP persistent connection is also used with the proxy, not only with the destination. HTTP持久连接也与代理一起使用，而不仅与目标一起使用。

For firefox you could try to alter the behavior with the proxy by setting network.http.proxy.version to 1.0 . 对于firefox，您可以尝试通过将network.http.proxy.version设置为1.0来更改代理的行为。 But you'll have to enhance your proxy (and perhaps rethink completely its inner workings) to be able to deal with these reused connections. 但是您必须增强您的代理服务器（也许完全重新考虑其内部工作原理）才能处理这些重用的连接。 I'm sure it's not limited to Firefox. 我确定它不仅限于Firefox。