I've received reports of a strange error message (over HTTPS) that is not a part of my web application. The only thing I can think of is that it's coming from a proxy server. Is that possible? Can a proxy server intercept a request that is being sent over HTTPS and return a strange error before the request reaches it's intended destination?
Asked
Active
Viewed 110 times
1 Answers
2
HTTPS intercepting proxies are commonplace in many companies. But also many desktop antivirus products ship with a proxy to intercept and scan HTTPS traffic. And sometimes malware does it too. These proxies can then scan, modify or replace any traffic. This is used for valid purposes to block malware or data leakage (which might result in the strange errors you see) and for invalid purposes for example to inject advertisement into the traffic.
See also Is it common practice for companies to MITM HTTPS traffic?.
Steffen Ullrich
- 184,332
- 29
- 363
- 424