Requests to the Proxy Domain are duplicated and are then "replayed" against the Source Domain as if the user was making the request to the Source Domain themselves from their web browser.
The entire visitor request is duplicated including the Content, POST/PUT parameters, Browser User Agent, Headers, and Cookies and then passed along to the Source Domain.
Some data is manipulated as it flows to and from the Source Domain to ensure the request to the Source Domain is the same as if the Visitor was loading the Source Domain in their browser. References of proxydomain.com are replaced with sourcedomain.com to make sure the Source Domain server sees the request the same as if the visitor loaded the Source Domain outside of our Proxy.
If the Source Domain is HTTPS-enabled, then all requests that are sent and received from the Source Domain are encrypted and sent using SSL protocols.
The Proxy Technology verifies the source domain's SSL certificate for HTTPS requests, just like a web browser. Requests that are not validated will throw a SSL Error if it's unable to verify the certificate and the request is then terminated.