WebApp Sec mailing list archives

forbid non-secure proxy access


From: trespiko <trespiko () gmail com>
Date: Wed, 13 Dec 2006 11:31:56 +0800

Hi!

Can anyone give me pointers/how-to on how to block access to web client
using a non-secure proxy?

For example, I use Paros in my notebook to intercept requests and
responses to/from an online banking application.

I see this feature in Blogger and Gmail that have a warning like this:
"Retrieval of secure URLs through a non-secure proxy is forbidden.

This proxy is running on a non-secure server, which means that retrieval
of pages from secure servers is not permitted. The danger is that the
user and the end server may believe they have a secure connection
between them, while in fact the link between the user and this proxy is
insecure and eavesdropping may occur. That's why we have secure servers,
after all.

This proxy must run on a secure server before being allowed to retrieve
pages from other secure servers."

I want to implement this in one of my applications using Java. Might be related
to the certificates, I guess.

Thanks

trespiko

