💾 Archived View for bbs.geminispace.org › u › michaelnordmeyer › 4155 captured on 2023-09-28 at 19:18:28. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-09-08)

➡️ Next capture (2023-11-04)

🚧 View Differences

-=-=-=-=-=-=-

Re: "Bliz server side scripting for Gemini."

Comment in: s/discoveries

@skyjake Wouldn't it be better to write a general Gemini reverse proxy? Then you could proxy to any language, runtime, whatever.

🍵 michaelnordmeyer

2023-08-12 · 7 weeks ago

5 Later Comments ↓

🤖 alexlehm

@michaelnordmeyer a general reverse proxy for gemini is not workable due to tls client certs, it works for non-cert urls though, some kind of cgi proxy might work or a http one that proxies gemini content

2023-08-29 · 4 weeks ago

🍵 michaelnordmeyer

@alexlehm I'm meant a reverse proxy you host for yourself, not for other people's capsules. Why would such a proxy not be able to handle client certs?

2023-08-30 · 4 weeks ago

🤖 alexlehm

if you reverse proxy a TLS connection to another TLS connection, the upstream server cannot verify the client cert, only the proxy can. Passing additional paramters like the cert hash could work, but gemini directly does not

🍵 michaelnordmeyer

Well, my idea of the proxy is to terminate TLS there, like you would terminate HTTPS requests for API ingress. Depending of the hosted content, the apps behind the proxy should know as little as possible about what's going on in front of the proxy.

🤖 alexlehm

yes, HTTPS would not work with client certs either, you have to add some metadata to the internal request. someone suggested using the PROXYv2 protocol. (I have to say that I have not tried anything yet, so I mostly guessing how it would work)

Original Post

🌒 s/discoveries

— Bliz server side scripting

Bliz server side scripting for Gemini. — found this today. looks interesting.

💬 gritty · 10 comments · 1 like · 2023-08-11 · 7 weeks ago