Feature Request: add HTTPS proxy #4577
Comments
|
@s3rj1k There is no need for https here, because everything is encrypted using MTProto, so no one can see anything that would be hidden by https. |
|
MTProto can be detected by DPI and blocked, but if one would tunnel through HTTPS proxy no one sane would drop those packets. |
|
Same applies for SOCKS (even with passwords) btw. |
|
@stek29 yep. But secure SOCKS (shadowsocks) is kind of hackish protocol. On the other hand HTTPS is defacto standard, implemented in all major web browsers. |
|
@john-preston any news on this? |
|
@s3rj1k No news, sorry :( Current proxy implementation works through http://doc.qt.io/qt-5/qnetworkproxy.html and I'm not sure they support https proxy (otherwise it would work already). |
|
made JIRA issue for upstream https://bugreports.qt.io/browse/QTBUG-67709 |
|
Proxy authorization data transfers as a plain text (by design in RFC). It is not safe to use your application with a proxy in public networks. Please add support tls/ssl protocol for socks/http proxy |
|
@101usb No, it is as safe to use Telegram with proxy as without proxy (so pretty much safe) |
|
@stek29 we would feel safer with TLS encryption option in proxy :) |
|
@Aokromes I have HTTP and HTTPS requests used in tdesktop, but I'm not sure how you use HTTPS proxy there - I see only HTTP proxy type in docs. |
|
I tried a HTTPS proxy from here, https://us-proxy.org/ It worked for me in Tdesktop 1.2.18 alpha, although it displays HTTP in tdesktop UI. |
|
I'll just leave this link here (in russian) |
|
@s3rj1k that link' tl;dr; One of the biggest Russian ISP blocks MTProxy by checking packet sizes. |
|
Hey there! This issue will be automatically closed in 7 days if there would be no activity. We therefore assume that the user has lost interest or resolved the problem on their own. Don't worry though; if this is an error, let us know with a comment and we'll be happy to reopen the issue. Thanks! |
|
Still an issue |
|
Qt folks decided not to support HTTPS proxies, so tdesktop wouldn't have support for them as well: |
|
@ilya-fedin Well this is disappointing to say the least. |
|
Hey there! This issue was inactive for a long time and will be automatically closed in 30 days if there isn't any further activity. We therefore assume that the user has lost interest or resolved the problem on their own. Don't worry though; if this is an error, let us know with a comment and we'll be happy to reopen the issue. Thanks! |
|
Still an issue, this brings a bit more sadness :( |
|
This still needs implementation on Qt level. Given that Qt folks decided not to implement this, this will be never implemented, most likely. |
|
MTProto mode is definitely not implemented by QT, so what stops using some third-party lib to support HTTPS proxy? |
|
Are you sure there any? According to Qt issue, only browsers have support for this. |
|
@ilya-fedin I will allow to support any feasible network proxy, so I don't think that this is over-engineering. But yea, less prettier then native Qt API wrapper |
|
And Qt already has SOCKS server code bits :) |
Having a proxy server inside a messenger is definitely over-engineering. Not to say how much questions would be from admins of stores with confined environments (Microsoft Store, Mac App Store, Snap Store, Flathub). |
|
Could be an optional plugin maybe. |
|
tdesktop doesn't have plugin support and won't most likely |
|
Could be a button in GUI that installs separate SOCKS5 server application :) |
|
Even more over-engineering. You propose solutions that acceptable only for unofficial clients for power users, not for an official client of a messenger for mass market. |
|
Well I propose a solution, you on the other hand say that this is impossible to do in any way, no offense intended. |
|
Yeah, it's not important enough to be implemented any time soon, but feature requests that have no plan to be implemented aren't being closed usually here. |
|
@ilya-fedin Are you sure that they are not closed? |
|
I see it's closed as a duplicate. But I don't understand why Aokromes mark issues as duplicates of comments. |
|
I don't see any mentions of duplicate issue, it was just brutally closed :) |
|
When @Aokromes posts a link to another issue or comment and closes, this means he marked the issue as a duplicate |
|
And probably closing them explicitly is a better way of communicating team intentions to public rather when waiting for a bot to auto-close it, in hopes that nobody cares anymore :) |
|
Not really. If feature requests aren't considered to be implemented any time soon, this doesn't mean that they won't be implemented at all. |
|
It gives a false hope for tdesktop users, |
|
probably people don't understand that feature requests are just feature requests and if no one says something will be implemented, that won't be implemented any time soon most likely |
|
That is because they are left open without any feedback until There is a reason why Qt closes tickets with Wouldn't you say that knowing about Qt lack of interest in implementing HTTPS proxy API closes some of your open gestalts ? |
Whatever you will write, this won't be changed most likely, sorry.
I can't parse that. |
|
So If a read your comments correctly, you say that tdesktop team does not care much about user created issues in github? |
|
AFAIK there's no "tdesktop team". AFAIK john-preston is the only hired developer here and all his time goes to implementing whatever hiss bosses tell to implement him. But he is the only who reads issues here. In other words, "tdesktop team" (in form of preston) reads that, but that issue tracker is not really official and other part of Telegram team doesn't see these feature requests, most likely. |
|
So how to make an official issue request? Also this one makes me more sad Seems like proxy stuff is a big tdesktop problem |
Previously it was possible only via in-app support. |
|
(no one there closes issues as won't fix as well, btw) |
well, lol :) |
In addition to HTTP proxy, would be nice to have option to use HTTPS proxy (tls+http)
for more security
The text was updated successfully, but these errors were encountered: