Click here to Skip to main content
14,637,028 members
Articles » General Programming » Internet / Network » Proxy / Firewall
Posted 14 Aug 2004


80 bookmarked

HTTP Tunneling (HTTP Proxy Socket Client)

Rate this:
4.26 (31 votes)
Please Sign up or sign in to vote.
4.26 (31 votes)
14 Aug 2004
An easy way to pass through HTTP Proxy to connect to outside world, in a LAN.


HTTP Tunneling

HTTP is a text-based protocol to retrieve Web pages through a Web browser. Mostly, if you are on a LAN connection, you are behind a proxy server; this proxy server has one HTTP proxy running on some defined port. In your Internet Explorer's Connection option, you specify LAN settings as required. This proxy server is definitely running on a text-based protocol, and you can only get HTTP-related data from the outside network, right!! Well, there is a small loophole from which you can go through HTTP and connect to the outside world and get any data you want in binary protocol, or even your own protocol. It's through HTTPS.

HTTPS Explanation

In HTTPS, data is transferred from browser to server and server to browser in a secure manner. It's a binary protocol; when it goes through a proxy, the proxy doesn't understand anything. The proxy just allows a binary stream to open and lets both server and client exchange the data. Now, we can fool the proxy server and connect to any server and exchange data. The proxy server will think that we are doing some secure HTTP session.

For HTTPS, your browser connects to a proxy server and sends a command:

<FONT color=#000080><FONT color=#ff0000>CONNECT</FONT></FONT> <FONT color=#ff0000>HTTP/1.0</FONT> <CR><LF>
<FONT color=#ff0000>HOST</FONT><CR><LF>
[... other HTTP header lines ending with <CR><LF> if required]>
<CR><LF>    // Last Empty Line

Then, the proxy server treats this as some HTTP Secure Session, and opens a binary stream to the required server and port as defined. If a connection is established, the proxy server returns the following response:

<FONT color=#ff0000>HTTP/1.0</FONT> 200 Connection Established<CR><LF>
[.... other HTTP header lines ending with <CR><LF>..
ignore all of them]
<CR><LF>    // Last Empty Line

Now, the browser is connected to the end server and can exchange data in both a binary and secure form.

How to Do This

Now, it's your program's turn to fool the proxy server and behave as Internet Explorer behaves for Secure HTTP.

  1. Connect to Proxy Server first.
  2. Issue CONNECT Host:Port HTTP/1.1<CR><LF>.
  3. Issue <CR><LF>.
  4. Wait for a line of response. If it contains HTTP/1.X 200, the connection is successful.
  5. Read further lines of response until you receive an empty line.
  6. Now, you are connected to the outside world through a proxy. Do any data exchange you want.

Sample Source Code

// You need to connect to on port 25
// Through a proxy on, on HTTP Proxy 4480
// CSocketClient is Socket wrapping class
// When you apply operator << on CString, it writes CString
// To Socket ending with CRLF
// When you apply operator >> on CString, it receives
// a Line of response from socket until CRLF

  CString Request,Response;
  CSocketClient Client;

  Client.ConnectTo(<FONT color=#ff0000>""</FONT>,4480);

  // Issue CONNECT Command
  Request = <FONT color=#ff0000>"CONNECT HTTP/1.0"</FONT>;

  // Issue empty line
  Request = <FONT color=#ff0000>""</FONT>;

  // Receive Response From Server

  // Ignore HTTP Version

  int n = Response.Find(<FONT color=#ff00ff>' '</FONT>);
  Response = Response.Mid(n+1);

  // Http Response Must be 200 only
  if(Response.Left(3)!=<FONT color=#ff0000>"200"</FONT>)
    // Connection refused from HTTP Proxy Server

  // Read Response Lines until you receive an empty line.
    if (Response.IsEmpty())
  }while (true);

  // Coooooooool.... Now connected to
  // Do further SMTP Protocol here..

catch (CSocketException * pE)

Library Source Code

The Dns.h file contains all DNS-related source code. It uses other libraries, as SocketEx.h, SocketClient.h, and NeuroBuffer.h.


Socket functions as a wrapper class. (CSocket is very heavy and unreliable if you don't have the exact idea of how it works.) All the functions are of the same name as CSocket. You can use this class directly.


Derived from CSocketEx and throws proper exceptions with details of Winsock errors. It defines two operators, >> and <<, for easy sending and receiving; it also changes network to host and host to network order of bytes if required.


Derived from CSocketClient, you can call the SetProxySettings(ProxyServer,Port) method and set proxy settings. Then, you can connect to the desired host and port as you need. The ConnectTo method is overridden, and it automatically implements an HTTP proxy protocol and gives you a connection without any hassle.

How to Use CHttpProxySocketClient

// e.g. You need to connect to on port 25
// Through a proxy on, on HTTP Proxy 4480
// CSocketClient is Socket wrapping class
// When you apply operator << on CString, it writes CString
// To Socket ending with CRLF
// When you apply operator >> on CString, it receives
// Line of response from socket until CRLF
  CHttpProxySocketClient Client;

  Client.SetProxySettings(<FONT color=#ff0000>""</FONT>,1979);

  // Connect to server on port 25
  Client.ConnectTo(<FONT color=#ff0000>""</FONT>,25);

  // You now have access to on port 25
  // If you do not call SetProxySettings, then
  // you are connected to directly if
  // you have direct access, so always use
  // CHttpProxySocketClient and no need to do any
  // extra coding.

catch(CSocketException * pE) {

Note: I usually don't program in the form of .h and .cpp different files, because using them the next time somewhere else is a big problem because you must move both files here and there. So, I put all the code in my .h file only; I don't write to the .cpp file unless it's required. You need to copy only the SocketEx.h, SocketClient.h, and HttpProxySocket.h files into your project's directory, and add line:

#include "<FONT color=#ff0000>HttpProxySocket.h</FONT>"

after your:

#if !defined(.....

and so forth code of your Visual Studio-generated file. If you put anything above this, you will get n number of errors.

More about me.


This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here


About the Author

Akash Kava
Web Developer
United States United States
Programmer with WILL

Comments and Discussions

Questionits buggy Pin
Member 1153929012-Jan-17 10:35
MemberMember 1153929012-Jan-17 10:35 
GeneralMy vote of 4 Pin
anderbill8-Nov-10 16:10
Memberanderbill8-Nov-10 16:10 
Generaldosen't seem to work Pin
Member 72127922-Jun-09 2:46
MemberMember 72127922-Jun-09 2:46 
QuestionC# Solution for this? Pin
Michael Ulmann28-Jun-07 2:15
MemberMichael Ulmann28-Jun-07 2:15 
AnswerRe: C# Solution for this? Pin
mcldev13-Jul-07 7:59
Membermcldev13-Jul-07 7:59 
QuestionBlacklist VS Whitelist firewalls? Pin
MatthysDT1-Mar-07 20:01
MemberMatthysDT1-Mar-07 20:01 
AnswerRe: Blacklist VS Whitelist firewalls? Pin
Akash Kava1-Mar-07 21:16
MemberAkash Kava1-Mar-07 21:16 
GeneralProxy problem Pin
ryb198321-Nov-06 17:28
Memberryb198321-Nov-06 17:28 
QuestionProxy authentification Pin
Ice_2k8-Oct-06 23:02
MemberIce_2k8-Oct-06 23:02 
AnswerRe: Proxy authentification Pin
Akash Kava9-Oct-06 15:41
MemberAkash Kava9-Oct-06 15:41 
GeneralRe: Proxy authentification Pin
tankSanju22-May-08 19:00
MembertankSanju22-May-08 19:00 
GeneralRe: Proxy authentification Pin
tankSanju22-May-08 21:02
MembertankSanju22-May-08 21:02 
GeneralRe: Proxy authentification Pin
tankSanju22-May-08 21:06
MembertankSanju22-May-08 21:06 
GeneralRe: Proxy authentification Pin
dugga19-Oct-10 20:10
Memberdugga19-Oct-10 20:10 
GeneralIf the serve need name and password,how can I do it Pin
yuluzju22-Aug-05 22:36
Memberyuluzju22-Aug-05 22:36 
Generalapplication spectrum Pin
avi-wildthing15-Aug-05 7:19
Memberavi-wildthing15-Aug-05 7:19 
QuestionWhat if I wanna connect to more proxies? Pin
Hoornet936-Jun-05 3:10
MemberHoornet936-Jun-05 3:10 
Generalwell, cool article... but Pin
MMs_xH24-May-05 3:18
MemberMMs_xH24-May-05 3:18 
GeneralRe: well, cool article... but Pin
Akash Kava24-May-05 8:08
MemberAkash Kava24-May-05 8:08 
GeneralRe: well, cool article... but Pin
MMs_xH8-Jun-05 23:18
MemberMMs_xH8-Jun-05 23:18 
GeneralRe: well, cool article... but Pin
paijwar4-Sep-06 23:07
Memberpaijwar4-Sep-06 23:07 
Generalreally urgent Pin
Merin Ann Alexander2-Mar-05 17:24
MemberMerin Ann Alexander2-Mar-05 17:24 
General403 forbidden why Pin
liuliu21-Nov-04 22:00
Memberliuliu21-Nov-04 22:00 
GeneralRe: 403 forbidden why Pin
Akash Kava22-Nov-04 3:11
MemberAkash Kava22-Nov-04 3:11 
GeneralRe: 403 forbidden why Pin
liuliu22-Nov-04 14:11
Memberliuliu22-Nov-04 14:11 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.