I have a quick follow up question around this.
I am looking to have the browser hit a custom proxy server I built which I want to work like this:
1) Something Requests a resource
https://www.example.com/with/resource.ext2) I use OnBeforeRequest to translate the host to
https://localhost:port/with/resource.ext and puts the original path in the header.
3) My server gets the request, if it has the header, it will reach out to the other server and pull the document using the cookies/info from the request
4) My server responds as itself back the the browser with the header in tact (should be a valid https connection because the client is expecting the host to be localhost
5) The browser finds the special header and translates it BACK to the original URL.
Here is my question, at what point is the certificate verified what is the earliest point I can convert the URL BACK to what it was before it is returned back for the "website/JS/Plugin" to verify/use.
I looked for a request life cycle, but I didn't have luck finding that. I can make my proxy pretend to be the original server, but I want a valid chain of certs on BOTH ends, so I can return errors from the proxy to be more secure and I don't have to install a root certificate/change chrome settings to disable security. I am using golang for the server, so I expect the certificate validation to be similar to chromes (I am hoping).