When mod_rewrite proxies a CONNECT request, it fully qualifies the substitution string. The result is a failed connection to the originally requested server instead of the proxy server. TEST CASE: curl -x http://myproxyserver.com:9080 https://mysslserver.com EXAMPLE APACHE CONFIG: Listen 9080 NameVirtualHost *:9080 <VirtualHost *:9080> ServerName myproxyserver.com AllowCONNECT 8888 RewriteEngine On RewriteCond %{REQUEST_METHOD} ^CONNECT$ [NC] RewriteCond %{HTTP_HOST} ^mysslserver.com:443$ RewriteRule ^(.*)$ myqasslserver.com:8888 [P] </VirtualHost> RESULT: The method fully_qualify_uri changes the substitution string from: myqasslserver.com:8888 to: http://mysslserver.com:443/myqasslserver.com:8888
Created attachment 24329 [details] Do not fully qualify the substitution string for CONNECT method
Applied to httpd-trunk in r822004.
Is there a way to get this committed to the 2.2.x branch also? That's what the patch was created against. (In reply to comment #2) > Applied to httpd-trunk in r822004.
(In reply to comment #3) > Is there a way to get this committed to the 2.2.x branch also? > See http://svn.apache.org/viewvc?rev=829677&view=rev
backported to 2.2.x in r832124, will be in 2.2.15