top | item 12115198 (no title) andrewsomething | 9 years ago A good non-technical explainer: https://medium.com/@nzdominic/what-is-httpoxy-65a33a8a1f4d#.... discuss order hn newest vbernat|9 years ago It says that API requests using TLS are not vulnerable. However, many applications won't do the appropriate certificate checking. If HTTP_PROXY is set to a mitm proxy, it can succeed. kpcyrd|9 years ago The reason why they aren't affected is that you need to set HTTPS_PROXY for https:// load replies (1)
vbernat|9 years ago It says that API requests using TLS are not vulnerable. However, many applications won't do the appropriate certificate checking. If HTTP_PROXY is set to a mitm proxy, it can succeed. kpcyrd|9 years ago The reason why they aren't affected is that you need to set HTTPS_PROXY for https:// load replies (1)
kpcyrd|9 years ago The reason why they aren't affected is that you need to set HTTPS_PROXY for https:// load replies (1)
vbernat|9 years ago
kpcyrd|9 years ago