If a proxy is used to intercept and modify HTTPS traffic, the server certificate used for the connection between the proxy and the client would be invalid (I mean it would not be signed by a CA trusted by the client). Desktop browsers report an error in response to this condition. I don't know about mobile safari.
How do they deal with this?
