2.4.x/docs/manual/mod/mod_proxy_connect.xml - httpd - Git at Google

 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
 <!-- $LastChangedRevision$ -->

 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
 -->

 <modulesynopsis metafile="mod_proxy_connect.xml.meta">

 <name>mod_proxy_connect</name>
 <description><module>mod_proxy</module> extension for
 <code>CONNECT</code> request handling</description>
 <status>Extension</status>
 <sourcefile>mod_proxy_connect.c</sourcefile>
 <identifier>proxy_connect_module</identifier>

 <summary>
     <p>This module <em>requires</em> the service of <module
     >mod_proxy</module>. It provides support for the <code>CONNECT</code>
     HTTP method. This method is mainly used to tunnel SSL requests
     through proxy servers.</p>

     <p>Thus, in order to get the ability of handling <code>CONNECT</code>
     requests, <module>mod_proxy</module> and
     <module>mod_proxy_connect</module> have to be present in the server.</p>

     <p>CONNECT is also used when the server needs to send an HTTPS request
     through a forward proxy. In this case the server acts as a CONNECT client.
     This functionality is part of <module>mod_proxy</module> and
     <module>mod_proxy_connect</module> is not needed in this case.</p>

     <note type="warning"><title>Warning</title>
       <p>Do not enable proxying until you have <a
       href="mod_proxy.html#access">secured your server</a>. Open proxy
       servers are dangerous both to your network and to the Internet at
       large.</p>
     </note>
 </summary>
 <seealso><module>mod_proxy</module></seealso>

 <section id="notes"><title>Request notes</title>
     <p><module>mod_proxy_connect</module> creates the following request notes for
         logging using the <code>%{VARNAME}n</code> format in
         <directive module="mod_log_config">LogFormat</directive> or
         <directive module="core">ErrorLogFormat</directive>:
     </p>
     <dl>
         <dt>proxy-source-port</dt>
         <dd>The local port used for the connection to the backend server.</dd>
     </dl>
 </section>

 <directivesynopsis>
 <name>AllowCONNECT</name>
 <description>Ports that are allowed to <code>CONNECT</code> through the
 proxy</description>
 <syntax>AllowCONNECT <var>port</var>[-<var>port</var>]
 [<var>port</var>[-<var>port</var>]] ...</syntax>
 <default>AllowCONNECT 443 563</default>
 <contextlist><context>server config</context><context>virtual host</context>
 </contextlist>
 <compatibility>Moved from <module>mod_proxy</module> in Apache 2.3.5.
 Port ranges available since Apache 2.3.7.</compatibility>

 <usage>
     <p>The <directive>AllowCONNECT</directive> directive specifies a list
     of port numbers or ranges to which the proxy <code>CONNECT</code> method
     may connect.  Today's browsers use this method when a <code>https</code>
     connection is requested and proxy tunneling over HTTP is in effect.</p>

     <p>By default, only the default https port (<code>443</code>) and the
     default snews port (<code>563</code>) are enabled. Use the
     <directive>AllowCONNECT</directive> directive to override this default and
     allow connections to the listed ports only.</p>
 </usage>
 </directivesynopsis>

 </modulesynopsis>
	<?xml version="1.0"?>
	<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
	<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
	<!-- $LastChangedRevision$ -->

	<!--
	Licensed to the Apache Software Foundation (ASF) under one or more
	contributor license agreements. See the NOTICE file distributed with
	this work for additional information regarding copyright ownership.
	The ASF licenses this file to You under the Apache License, Version 2.0
	(the "License"); you may not use this file except in compliance with
	the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License.
	-->

	<modulesynopsis metafile="mod_proxy_connect.xml.meta">

	<name>mod_proxy_connect</name>
	<description><module>mod_proxy</module> extension for
	<code>CONNECT</code> request handling</description>
	<status>Extension</status>
	<sourcefile>mod_proxy_connect.c</sourcefile>
	<identifier>proxy_connect_module</identifier>

	<summary>
	<p>This module <em>requires</em> the service of <module
	>mod_proxy</module>. It provides support for the <code>CONNECT</code>
	HTTP method. This method is mainly used to tunnel SSL requests
	through proxy servers.</p>

	<p>Thus, in order to get the ability of handling <code>CONNECT</code>
	requests, <module>mod_proxy</module> and
	<module>mod_proxy_connect</module> have to be present in the server.</p>

	<p>CONNECT is also used when the server needs to send an HTTPS request
	through a forward proxy. In this case the server acts as a CONNECT client.
	This functionality is part of <module>mod_proxy</module> and
	<module>mod_proxy_connect</module> is not needed in this case.</p>

	<note type="warning"><title>Warning</title>
	<p>Do not enable proxying until you have <a
	href="mod_proxy.html#access">secured your server</a>. Open proxy
	servers are dangerous both to your network and to the Internet at
	large.</p>
	</note>
	</summary>
	<seealso><module>mod_proxy</module></seealso>

	<section id="notes"><title>Request notes</title>
	<p><module>mod_proxy_connect</module> creates the following request notes for
	logging using the <code>%{VARNAME}n</code> format in
	<directive module="mod_log_config">LogFormat</directive> or
	<directive module="core">ErrorLogFormat</directive>:
	</p>
	<dl>
	<dt>proxy-source-port</dt>
	<dd>The local port used for the connection to the backend server.</dd>
	</dl>
	</section>

	<directivesynopsis>
	<name>AllowCONNECT</name>
	<description>Ports that are allowed to <code>CONNECT</code> through the
	proxy</description>
	<syntax>AllowCONNECT <var>port</var>[-<var>port</var>]
	[<var>port</var>[-<var>port</var>]] ...</syntax>
	<default>AllowCONNECT 443 563</default>
	<contextlist><context>server config</context><context>virtual host</context>
	</contextlist>
	<compatibility>Moved from <module>mod_proxy</module> in Apache 2.3.5.
	Port ranges available since Apache 2.3.7.</compatibility>

	<usage>
	<p>The <directive>AllowCONNECT</directive> directive specifies a list
	of port numbers or ranges to which the proxy <code>CONNECT</code> method
	may connect. Today's browsers use this method when a <code>https</code>
	connection is requested and proxy tunneling over HTTP is in effect.</p>

	<p>By default, only the default https port (<code>443</code>) and the
	default snews port (<code>563</code>) are enabled. Use the
	<directive>AllowCONNECT</directive> directive to override this default and
	allow connections to the listed ports only.</p>
	</usage>
	</directivesynopsis>

	</modulesynopsis>