I had reason to be concerned/examine about Node-Red behind a corporate proxy.
2 days later, and I have some observations:
1/ the http request node only does HTTP proxying. Hence all (?) the information is available on the local LAN (even for HTTPS).
2/ the MQTT node uses https-proxy-agent for WS and WSS. (but does not support no_proxy).
3/ the Websocket node does not support proxy.
Since we have https-proxy-agent now available, should we modify httprequest to use it, and add it to websockets? This would mean that ALL proxied requests would be place via HTTP CONNECT rather than in plain text over an HTTP proxy.... or should there be options?
I'm stuck on 0.17, but if someone wants to examine the changes, they are the commits after 'Commits on May 9, 2019' at https://github.com/btsimonh/node-red/commits/btsimonh-dev.
For the moment, it's unlikely that I can work on the current Node-Red version.
For anyone who needs to be behind a corporate proxy with authentication, but who does not want to store credentials, then I've found https://github.com/genotrance/px and forked and 'fixed' (?!!) at https://github.com/btsimonh/px/tree/delconnected
This is a local proxy which node-red can use (on windows), which then forwards on to the corporate proxy using the current windows user. It was very difficult to find support for this, and it seems there is no node package which does this at the moment.... (it's python ).
love Node Red,