"Received HTTP code 400 from proxy after CONNECT", trying to put mitmproxy behind nginx

DrownedSuccess

5/20/23, 2:27 AM

I have a mitmproxy running on port 2011. I can use it by itself, with curl -x http://127.0.0.1:2011 google.com. However, I now want to put it behind nginx under the domain name proxy.history.test. However, doing curl -x http://proxy.history.test:80 google.com -L -v fails with

* Received HTTP code 400 from proxy after CONNECT
* CONNECT phase completed!
* Closing connection 1
curl: (56) Received HTTP code 400 from proxy after CONNECT

My nginx.conf:

worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

pid        /dev/null;

daemon off;

events {
    worker_connections  1024;
}


http {

    map $http_upgrade $connection_upgrade {
        default upgrade;
        '' close;
    }

    map $http_host $service_port {
        hostnames;
        default '';


        proxy.history.* 2011;
        }

    proxy_temp_path ./tmp;
    access_log /dev/null;
    ssl_certificate ./cert.pem;
    ssl_certificate_key ./key.pem;
    #proxy_set_header Host localhost;
    client_body_temp_path ./tmp;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    client_max_body_size 50m;


    server {
            listen       127.0.0.1:443 ssl;
    
            server_name  *.test;
    
            location / {

                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_set_header X-NginX-Proxy true;
                
                proxy_pass http://127.0.0.1:$service_port;

            }
        }



        server {
                    listen       127.0.0.1:80;
                    
                    server_name  *.test;
                    

                    return 302 https://$http_host$request_uri;

                }

    

        
}

(I have to specify :80 in the curl command, because otherwise, it will try to connect to port 1080, for some reason).

1164

0 + 0

nginx

proxy

mitmproxy

Score:0

Server

AlexD

5/20/23, 6:48 AM

nginx is a reverse proxy and not a forward proxy and doesn't support HTTP CONNECT method. You'll need to find a third-party nginx module to support CONNECT.

0 + 0

DrownedSuccess

5/20/23, 6:44 PM

Does `nginx` have to be recompiled for that module, or can it be loaded in dynamically (like DKMS)?

Marcel

7/6/23, 9:08 AM

Nginx can work as a transparent forwarding proxy with the TCP/UDP Stream module. But only for one specific destination, not dynamically forwarded. For that the proxy_connect module from the previous comment is needed.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: "Received HTTP code 400 from proxy after CONNECT", trying to put mitmproxy behind nginx

TH: "ได้รับรหัส HTTP 400 จากพร็อกซีหลังจากเชื่อมต่อ" พยายามใส่ mitmproxy ไว้ด้านหลัง nginx

RO: „Am primit codul HTTP 400 de la proxy după CONNECT”, încercând să punem mitmproxy în spatele nginx

RU: «Получен HTTP-код 400 от прокси после CONNECT», попытка поставить mitmproxy за nginx

VI: "Đã nhận mã HTTP 400 từ proxy sau CONNECT", cố gắng đặt mitmproxy sau nginx

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.