Proxy-Authorization HTTP Request Header: Syntax, Directive, Examples

Proxy-Authorization HTTP Request Header is an HTTP header for authorization of the requests to a proxy server. The usage purpose of the HTTP Proxy-Authorization Request Header while requesting a file, or folder from the webserver is to provide a secure data transfer between the client and the webserver. The HTTP Request Header should be used if the proxy web server is needed to be protected from foreign requests. The related HTTP Status Code for the Proxy-Authorization HTTP Header is 407. “Proxy-Authorization Required” is the meaning of the 407 HTTP Status Code. Following is an example of an HTTP response for the 407 HTTP Status Code.

HTTP/1.1 407 Proxy Authorization Required
Date: Wed, 21 Oct 2021 10:28:00 GMT
Proxy-Authorization: Basic realm="Access to internal site"

Proxy-Authorization HTTP Request Header can be seen above within the HTTP 407 Status Code. In this article, the Proxy-Authorization Syntax, Directives, and Uses with examples will be processed.

What is Proxy-Authorization?

The Proxy-Authorization determines the procedure to be applied to receive access from the proxy server. A method where a user is granted access by another user to use his/her identity to access his/her credentials. Proxy-Authorization can be used within ETP Proxy Authorities connections for providing a proxy chaining configuration. The HTTP Proxy-Authorization contains the credentials, and authenticate directives for the proxy servers.

What is the Syntax of Proxy-Authorization HTTP Request Header?

To use Proxy-Authorization HTTP Request Header the syntax below should be followed.

Proxy-Authorization: <type> <credentials>

The syntax of the Proxy-Authorization has three important parts. The first part will have the name of the HTTP Request Header which is Proxy-Authorization. There will be a “:” before the value of the HTTP Request Proxy-Authorization Header. The last part of the syntax of the Proxy-Authorization is the value. The value of the Proxy-Authorization has two sub-parts which are the type and the credentials. The type of the value of the Proxy Type has 11 kinds, these are following.

  1. Reverse Proxy
  2. Web Proxy Server
  3. Anonymous Proxy
  4. High Anonymity Proxy
  5. Transparent Proxy
  6. CGI Proxy
  7. Suffix Proxy
  8. Distorting Proxy
  9. Tor Onion Proxy
  10. I2P Anonymous Proxy
  11. DNS Proxy

The credentials for Proxy-Authorization are formed this way.

  1. Username and password are separated with a colon
  2. The outcome binary string will be a binary-to-text code base64 (e.g. YExwQERpbjpvRRCuc34zYW2l)

What is the Directive of Proxy-Authorization HTTP Request Header?

The directives of the Proxy-Authorization HTTP Request Headers are to tell what a browser should understand from the values of the Proxy-Authorization. There are two different Proxy-Authorization HTTP Request Header directives.

  • Type: The type value is to determine what type of authorization is used. The most common type for the Proxy-Authorization is the “Basic” type.
  • Credentials: Credentials is for the authorization of the user, which usually requires the username and password, separated by a colon. An example syntax for the HTTP-Authorization Credentials Directive is “username: password”.

Example usage of the directives of the Proxy-Authorization can be seen below.

Proxy-Authorization: Basic YAxhZERpbjpvREVuc34zYW1l

The example used above for the Proxy-Authorization has the value “Basic” for the type directive, and the “YAxhZERpbjpvREVuc34zYW1l” value is for the credentials. It means that the type of authorization is “Basic” and the credentials needed by the user is “YAxhZERpbjpvREVuc34zYW1l”.

How to use Proxy-Authorization HTTP Request Header?

To use the HTTP Request Proxy-Authorization Header, the developer should have a proxy web server, a user-agent, IP Address, and a web server configuration. A proxy server is the most important requirement for using the Proxy-Authorization, and user-agent, IP Address is for using the credentials for making the request to the web proxy server. To use the Proxy-Authorization HTTP Request Header, the webserver technology is important. For example, to use the HTTP Request Proxy-Authorization Header within the Apache server, the “mox_proxy_http” module should be used. Within the “mox_proxy_http” module, the “proxy-initial-nor-pooled, and proxy-chain-auth or other specifics can be used for proxy authorization HTTP headers.

Examples of Proxy-Authorization HTTP Request Header Use

Proxy-Authorization: Basic AWxhZGRpbjpvcGVuc2ezYW1l
Proxy-Authorization: Basic YExhZGRpbjpvcGVuc2VzYW1l
Proxy-Authorization: Basic YQxhZGRpbjpvcGVuc2VzYW1l
Proxy-Authorization: Basic YWxHZGRpbjpvaEVuc2VzYR1l
Proxy-Authorization: Basic YWxhZGRpbjpvcGVuc2Vz

What are the Specification Documents for Proxy-Authorization HTTP Request Header?

The specification documents of the Proxy-Authorization are found below.

  • RFC 7230. this document replies to an invalid request, errors or any unacceptable requests (e.g. 400 status code). This may be due to apparent client error, lack of a host, or invalid data.
  • RFC 2617. The RFC 2617 document replaced the RFC 2069. RFC 2617 provides more security options and unlike the “basic” type, this header requests access to validate communication for both sides to safely share username’s passwords.
  • RFC 7616: The RFC 7616 document will ask for the client to give validation figures.
  • RFC 5234: The RFC 5234 document is a connected context separated by a period (“.”). 
  • RFC 7235: The RFC 7235 document serves as the general authorization framework. 
  • RFC 7617: The RFC 7617 document is a “basic” type used for pairing username and password as authorization patterns.

What are the type of Proxy-Authorization HTTP Request Header?

HTTP Request Header is a type of Proxy-Authorization Header, the purpose of this header is to provide data for the required subject in an HTTP request that will generate the server. The other types of HTTP Headers from the Proxy-Authorization can be found below.

  1. Response Headers. This provides additional data about the subject, such as location, characteristics, service provider, etc. 
  2. Representation Headers. This header can be applied when information generated about the subject is incomplete using other headers.
  3. Payload Headers. This header is used to define an accurate data transfer and preserve the content structure of the original source.

What are the similar HTTP Headers to Proxy-Authorization?

The similar HTTP Headers to Proxy-Authorization can be found below.

  • WWW-Authenticate. The WWW-Authenticate provides access to the resource. 
  • Authorization. The Authorization from a client provides the other user access to the resource. 
  • Proxy-Authenticate. The Proxy-Authenticate provides the structure on how to access the resource.

Which Browsers Support Proxy-Authorization HTTP Header? 

  • Chrome Browser is compatible e with the support Proxy-Authorization HTTP Header
  • Edge Browser is compatible e with the support Proxy-Authorization HTTP Header
  • Firefox Browser is compatible e with the support Proxy-Authorization HTTP Header
  • Opera Browser is compatible e with the support Proxy-Authorization HTTP Header
  • WebView Android Browser is compatible e with the support Proxy-Authorization HTTP Header
  • Chrome Android Browser is compatible e with the support Proxy-Authorization HTTP Header
  • Firefox for Android Browser is compatible e with the support Proxy-Authorization HTTP Header
  • Opera Android Browser is compatible e with the support Proxy-Authorization HTTP Header
  • Samsung Internet Browser is compatible e with the support Proxy-Authorization HTTP Header

There is no image available for the Proxy-Authorization HTTP Header

Koray Tuğberk GÜBÜR

Leave a Comment