From unknown Sat Jun 14 18:57:13 2025 X-Loop: help-debbugs@gnu.org Subject: bug#25518: 25.1.91; url-retrieve does not work with https over proxy Resent-From: Andreas Schwab Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Tue, 24 Jan 2017 13:26:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 25518 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: To: 25518@debbugs.gnu.org X-Debbugs-Original-To: bug-gnu-emacs@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.148526432225443 (code B ref -1); Tue, 24 Jan 2017 13:26:01 +0000 Received: (at submit) by debbugs.gnu.org; 24 Jan 2017 13:25:22 +0000 Received: from localhost ([127.0.0.1]:39887 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cW16A-0006cJ-HR for submit@debbugs.gnu.org; Tue, 24 Jan 2017 08:25:22 -0500 Received: from eggs.gnu.org ([208.118.235.92]:53146) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cW168-0006c6-Bw for submit@debbugs.gnu.org; Tue, 24 Jan 2017 08:25:20 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cW162-000891-D5 for submit@debbugs.gnu.org; Tue, 24 Jan 2017 08:25:15 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_40 autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:55878) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cW162-00088x-A9 for submit@debbugs.gnu.org; Tue, 24 Jan 2017 08:25:14 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44109) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cW161-00051Y-3a for bug-gnu-emacs@gnu.org; Tue, 24 Jan 2017 08:25:13 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cW15w-000877-LJ for bug-gnu-emacs@gnu.org; Tue, 24 Jan 2017 08:25:13 -0500 Received: from mail-out.m-online.net ([2001:a60:0:28:0:1:25:1]:53781) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cW15w-00085C-Em for bug-gnu-emacs@gnu.org; Tue, 24 Jan 2017 08:25:08 -0500 Received: from frontend01.mail.m-online.net (unknown [192.168.8.182]) by mail-out.m-online.net (Postfix) with ESMTP id 3v78765HPHz3hlwx for ; Tue, 24 Jan 2017 14:25:05 +0100 (CET) Received: from localhost (dynscan1.mnet-online.de [192.168.6.68]) by mail.m-online.net (Postfix) with ESMTP id 3v78756Zm2zvkKX for ; Tue, 24 Jan 2017 14:25:05 +0100 (CET) X-Virus-Scanned: amavisd-new at mnet-online.de Received: from mail.mnet-online.de ([192.168.8.182]) by localhost (dynscan1.mail.m-online.net [192.168.6.68]) (amavisd-new, port 10024) with ESMTP id B5E4I_aNSDAb for ; Tue, 24 Jan 2017 14:25:04 +0100 (CET) X-Auth-Info: Es2Q9Px6gl9VIO5LU3Kyg6Aa1n4MBrAYkMFPBXDRlEedo8ITrohrhCMqdXyBNRVO Received: from linux.local (ppp-88-217-0-51.dynamic.mnet-online.de [88.217.0.51]) by mail.mnet-online.de (Postfix) with ESMTPA for ; Tue, 24 Jan 2017 14:25:04 +0100 (CET) Received: by linux.local (Postfix, from userid 501) id 3BB601E5484; Tue, 24 Jan 2017 14:25:02 +0100 (CET) From: Andreas Schwab X-Yow: The PINK SOCKS were ORIGINALLY from 1952!! But they went to MARS around 1953!! Date: Tue, 24 Jan 2017 14:25:01 +0100 Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1.91 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -5.0 (-----) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.0 (-----) url-retrieve should use CONNECT when talking to a https URL over a proxy and then talk over the connection as if not using a proxy. ;; use locally running privoxy as proxy (setq url-proxy-services '(("https" . "localhost:8118"))) (with-current-buffer (url-retrieve-synchronously "https://www.heise.de") (buffer-string)) => "HTTP/1.1 200 Connection established\n\n" Andreas. -- Andreas Schwab, schwab@linux-m68k.org GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different." From unknown Sat Jun 14 18:57:13 2025 X-Loop: help-debbugs@gnu.org Subject: bug#25518: 25.1.91; url-retrieve does not work with https over proxy Resent-From: David Engster Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Tue, 24 Jan 2017 20:34:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 25518 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: To: Andreas Schwab Cc: 25518@debbugs.gnu.org Received: via spool by 25518-submit@debbugs.gnu.org id=B25518.148528999212378 (code B ref 25518); Tue, 24 Jan 2017 20:34:02 +0000 Received: (at 25518) by debbugs.gnu.org; 24 Jan 2017 20:33:12 +0000 Received: from localhost ([127.0.0.1]:40800 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cW7mC-0003DZ-10 for submit@debbugs.gnu.org; Tue, 24 Jan 2017 15:33:12 -0500 Received: from randomsample.de ([5.45.97.173]:34953) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cW7mA-0003DR-3M for 25518@debbugs.gnu.org; Tue, 24 Jan 2017 15:33:10 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=randomsample.de; s=a; h=Content-Type:MIME-Version:Message-ID:Date:References:In-Reply-To:Subject:Cc:To:From; bh=REd+qjI+jxInLGEslTqU+7GJiJrb+6GbOyWx6uLRIWY=; b=TkAB5K2D9ysKtbeVz3YnKVXsFtCkdKzi/9s1Pg6uXAK903qXVwKTwLZNTIclJCGt2Rs/OnMPYWjKXXXwKhf5UBj6frEffhtDV5N1AeAaLw2AMLdakMcsPxO+03Ot6avV; Received: from ip4d16b353.dynamic.kabel-deutschland.de ([77.22.179.83] helo=isaac) by randomsample.de with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from ) id 1cW7m8-00071o-D3; Tue, 24 Jan 2017 21:33:08 +0100 From: David Engster In-Reply-To: (Andreas Schwab's message of "Tue, 24 Jan 2017 14:25:01 +0100") References: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) Mail-Copies-To: never Date: Tue, 24 Jan 2017 21:33:04 +0100 Message-ID: <871svs2o73.fsf@engster.org> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -3.2 (---) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.2 (---) Andreas Schwab writes: > url-retrieve should use CONNECT when talking to a https URL over a proxy > and then talk over the connection as if not using a proxy. > > ;; use locally running privoxy as proxy > (setq url-proxy-services '(("https" . "localhost:8118"))) > (with-current-buffer (url-retrieve-synchronously "https://www.heise.de") > (buffer-string)) => "HTTP/1.1 200 Connection established\n\n" Is this identical to #11788? If so, this is fixed only on master because it was deemed too risky for emacs-25. I'm still of the opinion that this is a serious security issue, because of the possible silent fallback to http without the user noticing. I'm always running my Emacs with 3c623c26a manually backported. -David From unknown Sat Jun 14 18:57:13 2025 X-Loop: help-debbugs@gnu.org Subject: bug#25518: 25.1.91; url-retrieve does not work with https over proxy Resent-From: Lars Ingebrigtsen Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Tue, 24 Sep 2019 08:32:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 25518 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: To: Andreas Schwab Cc: 25518@debbugs.gnu.org Received: via spool by 25518-submit@debbugs.gnu.org id=B25518.156931392015333 (code B ref 25518); Tue, 24 Sep 2019 08:32:02 +0000 Received: (at 25518) by debbugs.gnu.org; 24 Sep 2019 08:32:00 +0000 Received: from localhost ([127.0.0.1]:37632 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1iCgEq-0003z4-8c for submit@debbugs.gnu.org; Tue, 24 Sep 2019 04:32:00 -0400 Received: from quimby.gnus.org ([80.91.231.51]:58982) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1iCgEn-0003wT-Sp for 25518@debbugs.gnu.org; Tue, 24 Sep 2019 04:31:58 -0400 Received: from cm-84.212.202.86.getinternet.no ([84.212.202.86] helo=marnie) by quimby.gnus.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1iCgEj-0003Yc-Ui; Tue, 24 Sep 2019 10:31:56 +0200 From: Lars Ingebrigtsen References: Date: Tue, 24 Sep 2019 10:31:53 +0200 In-Reply-To: (Andreas Schwab's message of "Tue, 24 Jan 2017 14:25:01 +0100") Message-ID: <87ftkm14ee.fsf@gnus.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Report: Spam detection software, running on the system "quimby.gnus.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see @@CONTACT_ADDRESS@@ for details. Content preview: Andreas Schwab writes: > url-retrieve should use CONNECT when talking to a https URL over a proxy > and then talk over the connection as if not using a proxy. > > ; ; use locally running privoxy as proxy > (setq url-proxy-se [...] Content analysis details: (-2.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Andreas Schwab writes: > url-retrieve should use CONNECT when talking to a https URL over a proxy > and then talk over the connection as if not using a proxy. > > ;; use locally running privoxy as proxy > (setq url-proxy-services '(("https" . "localhost:8118"))) > (with-current-buffer (url-retrieve-synchronously "https://www.heise.de") > (buffer-string)) => "HTTP/1.1 200 Connection established\n\n" I tried this with tinyproxy and Emacs 27, and it worked for me, so I'm guessing this has been fixed in the meantime, and I'm closing the bug report. Please reopen if this is still an issue. -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no From debbugs-submit-bounces@debbugs.gnu.org Tue Sep 24 04:32:05 2019 Received: (at control) by debbugs.gnu.org; 24 Sep 2019 08:32:06 +0000 Received: from localhost ([127.0.0.1]:37636 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1iCgEv-00043X-IQ for submit@debbugs.gnu.org; Tue, 24 Sep 2019 04:32:05 -0400 Received: from quimby.gnus.org ([80.91.231.51]:59002) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1iCgEs-00040Z-Ge for control@debbugs.gnu.org; Tue, 24 Sep 2019 04:32:03 -0400 Received: from cm-84.212.202.86.getinternet.no ([84.212.202.86] helo=marnie) by quimby.gnus.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1iCgEp-0003Yl-MC for control@debbugs.gnu.org; Tue, 24 Sep 2019 10:32:01 +0200 Date: Tue, 24 Sep 2019 10:31:59 +0200 Message-Id: <87ef0614e8.fsf@gnus.org> To: control@debbugs.gnu.org From: Lars Ingebrigtsen Subject: control message for bug #25518 X-Spam-Report: Spam detection software, running on the system "quimby.gnus.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see @@CONTACT_ADDRESS@@ for details. Content preview: close 25518 quit Content analysis details: (-2.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) close 25518 quit