I thought the username and password will *only* be sent to SERVER2, *after* the SSL handshake, with each request.

However, the truth is that the Proxy-Authorization header is attached to the request to SERVER1 "CONNECT SERVER2:433 HTTP/1.1", as well.

So SERVER1 can see username and password. It is not necessary and safe.

Am I missing anything here?

Regards,

Peter