Closed elico closed 8 years ago
cf-gitbot
commented
8 years ago We have created an issue in Pivotal Tracker to manage this:
https://www.pivotaltracker.com/story/show/128961921
The labels on this github issue will be updated when the story is started.
robdimsdale
commented
8 years ago Currently we don't do any inspection on the incoming connections. Bytes are copied bidirectionally with no awareness of contents.
All data connections arriving at the proxy are TCP (TLS termination is expected to have happened upstream) and the control-path connections are HTTP (again, HTTPS termination is expected to have happened upstream, and set the X-Forwarded-Proto: https header).
Does this answer your question?
elico
commented
8 years ago @robdimsdale yes! Thanks!
robdimsdale
commented
8 years ago Great, thanks.
Are you doing some probing on the incomming connections? if so can I get a pointer in the code? I am looking at different ways that proxy applications are identifying incoming connections. How do they verify that it's HTTP or TLS or other?