Web Proxies

1
3

Web Proxies
Web Protocols and Practice
2
Topics
WEB PROXIES
Web Proxy Definition Three of the Most Common Intermediaries Classification of Proxies Gateway to non-HTTP Systems Filtering Request and Responses Request-Response Exchange with a Proxy Handling HTTP Requests and Responses Proxy Chaining and Hierarchies Proxy Configuration Proxy Privacy Issues Other kinds of Proxies
Web Protocols and Practice
3
Web Proxy Definition
WEB PROXIES
A Web proxy is an intermediary program that could be on the same machine or on a machine different form where the request originated. A Web proxy acts on behalf of a set of clients in communication with servers. A proxy acts as a server to clients and as a client to other proxies or origin servers.
Web Protocols and Practice
4
Web Proxy Definition
WEB PROXIES
A Web proxy is used for Sharing of resource access Caching of responses Anonymization Transformation of requests and responses Filtering requests/responses
Web Protocols and Practice
5
Three of the Most Common Intermediaries
WEB PROXIES
Three of the most common intermediaries are Proxy An intermediary program which acts as both a server and a client for the purpose of forwarding requests. Gateway A server that typically acts as an intermediary for a non-HTTP server such as a mail or FTP server. Tunnel An intermediary program that relays bits between two connections and acts at the syntactic level, unlike a proxy or gateway it does not parse or interpret the HTTP message following through it.
Web Protocols and Practice
6
WEB PROXIES

Server 1
Client 1
B
GET B
GET B
Client 2
GET A
A
GET A
GET A
Proxy
Server 2
Client 3
A
Figure 3.1. Proxy as an intermediary between a
client and an origin server
Web Protocols and Practice
7
WEB PROXIES
Figure 3.1 demonstrates a proxy playing the role of client and server. Client 1s request for resource B being forwarded by the proxy to server 1 and the response returned to the client. This response is not cached. The request from client 2 for resource A is forwarded to server 2, but the response is cached in the proxy and returned to the client. Now, when client 3 requests for resource A, the request is not forwarded by the proxy instead a cached copy of resource A is returned to client 3.
Web Protocols and Practice
8
Classification of Proxies
WEB PROXIES
Proxies can be divided to Caching proxy Proxies that have caches associated with them. Transparent proxy Proxies that do not modify messages as they flow through them.
Web Protocols and Practice
9
Gateway to non-HTTP Systems
WEB PROXIES
A proxy can play the role of an intermediary like gateway to other systems that communicate using non-HTTP. In communicating between a Web client and a FTP server, proxy acts as a gateway, because the client and server do not speak the same protocol (Figure 3.2).
Web Protocols and Practice
10
WEB PROXIES

FTP server
Client 1
F
F
GET ftp-resource F
HTTP server
Client 2
GET A
A
A
GET mail resource M
Mail server
Proxy
Client 3
M
Figure 3.2. Proxy acting as a gateway to
FTP,HTTP, and mail servers
Web Protocols and Practice
11
WEB PROXIES
Figure 3.2 shows how an proxy acts as a gateway to an FTP and mail server while also playing the role of an HTTP proxy. A Web client sends a request to an FTP server via a proxy. The request to the proxy is a regular HTTP request. The proxy first converts the Web clients request into an FTP request. Similarly, the proxy can act as a gateway to a mail server and obtain a mail resource M. The proxy would return the file to the Web client in the form of an HTTP response.
Web Protocols and Practice
12
Filtering Requests and Responses
WEB PROXIES
A proxy filters improper requests and responses based on Destination sites Characteristics (response size) Performance Security
Web Protocols and Practice
13
Request-Response Exchange with a Proxy
WEB PROXIES
A proxy can play the role in handling HTTP requests and responses. Various steps involved when a proxy is present in the path of a request from a browser to an origin server (Figure 3.3).
Web Protocols and Practice
14
WEB PROXIES
DNS server
Browser
1 DNS query
Origin server
4 DNS query
URL
Proxy
2 TCP connection
5 TCP connection
3 HTT Request
6 HTT Request
8 HTTP Response
7 HTTP Response
9 optional parallel connection
10 optional parallel connection
Figure 3.3. Steps in a browser process with proxy
in the path
Web Protocols and Practice
15
WEB PROXIES
Figure 3.3 shows that upon the users selection of a URL, the browser does the Domain Name System (DNS) lookup of the proxy and then sets up a TCP connection to the proxy (steps1 and 2). The HTTP request form the browser (step 3) triggers the proxy to do the DNS lookup of the origin server (step4). The proxy sets up a TCP connection to the origin server and then sends the HTTP request to the origin server (steps 5 and 6). The response from the origin server is sent back to the proxy, which forwards it to the browser (steps 7 and 8). The browser might set up optional parallel connections to the proxy, and the proxy may set up its own optional parallel connections to the origin server (steps 9 and 10).
Web Protocols and Practice
16
Handling HTTP Requests and Responses
WEB PROXIES
A proxy must be able to abide by several requirements like Syntactic requirements Semantic requirements
Web Protocols and Practice
17
Syntactic Requirements
WEB PROXIES
Syntactic requirements typically concern headers that a proxy add to messages and modifications of existing headers.
Web Protocols and Practice
18
Semantic Requirements
WEB PROXIES
The semantic requirements include proper handling of requests and responses and obeying the constraints on returning cached responses.
Web Protocols and Practice
19
Handling HTTP Requests and Responses
WEB PROXIES
The various requirements (syntactic and semantic) fall into the following categories Identification Version number change Adding obligatory information about the resource Semantic neutrality Handling delays and buffering State maintenance and policy issues Practical implementation issues Handling cookies
Web Protocols and Practice
20
Proxy Chaining and Hierarchies
WEB PROXIES
A users request and origin servers response may travel through several proxies chained together. (Figure 3.4) A set of proxies within an organization may be connected in a hierarchy. A regional proxy may be connected to other regional proxies, which in turn may be connected to a national proxy. This way is useful for reducing Communication costs Communication latency
Web Protocols and Practice
21
Client
Proxy-1
Proxy-2
Proxy-n
Origin Server
Figure 3.4. Proxy chain on the Web
Web Protocols and Practice
22
WEB PROXIES
Figure 3.4 shows that a message form a user agent may traverse through multiple servers before it reaches the origin server. Often, rather than a simple linear pipeline, the intermediate servers have other servers connected to them as well on both sides.
Web Protocols and Practice
23
Proxy Configuration
WEB PROXIES
A user can configure a browser to set various physical and semantic attributes. In the case of proxies, end users do not have any influence in changing configuration information associated with a proxy such as its cache size or frequency of revalidation.
Web Protocols and Practice
24
Proxy Privacy Issues
WEB PROXIES
A proxy is aware of many details that affects the privacy of the user. A proxy is viewed as a trusted intermediary. To keep users privacy, a proxy must act as a tunnel and providing end-to-end encryption.
Web Protocols and Practice
25
Other kinds of Proxies
WEB PROXIES
Reverse proxies Proxies had to be positioned closer to the origin server to Reduce the load on servers Prevent the origin server from being vulnerable Balance the load between the set of servers Access to origin servers behind a firewall
Web Protocols and Practice
26
Other kinds of Proxies
WEB PROXIES
Interception proxies A proxy that either directly examines network traffic and intercepts Web traffic or receives redirected traffic flow from network elements performing traffic interception. Interception proxies were called Transparent proxies in the industry.
Web Protocols and Practice