How pass through a download from a https source to a http connection?

I have urls of the following format (I write it as as aregex):

http://exampledomain\.com/files/.+

The URL is requested by a client over my proxy server.

I inject a custom authorization header into this request. This is no problem, I can do that with mod_proxy and mod_headers in apache.

However this url gives a 302 redirect to another source, that finally should arrive at the client.

This other url is SSL secured and looks like:

https://example.+\.exampledomain.\com/files/.+/.+

It needs the same authorization header than the other one. But because its hTTPS I cannot simply inject it using mod headers.

Therefore my plan is to set up a reverse proxy that I use to request the first HTTP URL with an authorization header. Behind is a script that fetches the request, parses out the second HTTPS URL and Downloads the source with the custom authorization header and passes the received file (bytes and http headers) through to the client.

I am familiar with Apache2 and PHP, therefore it would be nice to stick with theese. But its not necessary.

Just to clarify, we are talking about rapidshare links here. My company is having backup files and storage there, because its the cheapest cloud hosting. There are some job servers that need to fetch files, but I can not configure user/password on them. So the proxy server should add the premium authentication information.

I thought about something like:

proxy.php - this file is requested using the reverse proxy and served by a webserver this proxy php is written to by a htaccess rewrite rule and by the revery proxy on http://one-or-my-domoains/request-uri-from-the-original-request (That is generated in apache)

$url = "http://example.com/".$_SERVER["REQUEST_URI"];
$opts = array(
  'http'=>array(
    'header'=>"Cookie: myauthvalue=example\r\n"
  )
);
$context = stream_context_create($opts);
stream_context_set_default($context);
$http_content = get_headers($url, 1);

$ssl_location = $http_content['Location'];

$fp = fsockopen("ssl://".parse_url($ssl_location, PHP_URL_HOST), 443, $errno, $errstr, 30);
if (!$fp) {
    echo "$errstr ($errno)<br />\n";
} else {
    $out = "GET ".parse_url($PHP_URL_PATH, PHP_URL_HOST)." HTTP/1.1\r\n";
    $out .= "Host: ".parse_url($ssl_location, PHP_URL_HOST)."\r\n";
    $out .= "Cookie: myauthorization=something"; 
    fwrite($fp, $out);
    while (!feof($fp开发者_StackOverflow社区)) {
        echo fgets($fp, 128);
    }
    fclose($fp);
}

So this should basically pass the ssl download to the standard http connection that the user initiates, instead of the redirect.

My question now is: Will this work? Did I miss something? Are there any caveeats?

I think it will be a reasonable amount of hassle, including the reverse proxy setup and all.

---

well i ended up just doing passthru('wget ....') wich works just fine ;)