Open ohaddahan opened 5 years ago
Worth looking into, however due to last PR by @Otetz it might cause a regression for anyone using Privoxy's ACLs.
Leaving this open for now.
I think not so many people use Privoxy ACL at now. The lower the points of failure — the higher the reliability. But in any case, some kind of client authorization will be required on HAProxy. In order not to leave it open to the entire Internet.
@Otetz I believe Privoxy
shouldn't even be in ports accessible to the outside world.
Only HAProxy
should, and it support authentication.
I honestly don't see any use for Privoxy
with the existence of HTTPTunnelPort
.
Currently I am unable to make necessary changes to this project but if someone has a spare moment they can open a PR and we can continue there.
Probably Privoxy should be kept for a while because of this: https://tor.stackexchange.com/questions/16095/405-method-connection-mark-unattached-ap
Or DeleGate can be considered as a replacement: https://superuser.com/questions/423563/convert-http-requests-to-socks5
I think it's worth noting that HttpTunnelPort
only supports CONNECT
. So it does not function as a transparent proxy, which many or even most clients expect when talking HTTP
(for HTTPS
, the connect method is indeed used). Edit: ah, this what the stackexchange link above talks about.
Newer
Tor
versions support HTTPTunnelPort , makingPrivoxy
unneeded. Can just pass--HTTPTunnelPort
and connectHAProxy
directly toTor
.