| The CatchURL tutorial demonstrates catching a form login to a http (non-SSL)
website. My understanding of how SSL works for https websites is that this
capture by a traditional http proxy can NOT work. (The encryption is between
the browser and the web site. The proxy won't be able to see the contents.)
If I am correct, this should be documented (in FAQ (under Authentication) & in
the CatchURL tutorial) so others will not waste their time trying to get it to
work.
I'm happy to look at the source of the page and to fill out the HTTP data that
goes into the postfile based upon the form's fields. Is there a document or a
posting here that describes doing that? I could pull up the HTTP RFCs but I
was looking for something a little more direct.
| |