net/http: add support for creating proxied TLS connections #39794

elagergren-spideroak · 2020-06-23T23:20:48Z

DialTLSContext is documented as only being used for non-proxied requests.

This is problematic because it means HTTPS CONNECT requests always use crypto/tls. This can violate business requirements and so on. (And can also lead to difficult to debug errors if you, uh, forget that DialTLSContext is only for non-proxied requests. Or if the proxy is added later.)

Ideally, Transport would have a Client(net.Conn, ...) net.Conn field that, if nil, would default to crypto/tls.

The text was updated successfully, but these errors were encountered:

cagedmantis · 2020-06-24T19:19:40Z

/cc @bcmills @bradfitz

cagedmantis added NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. FeatureRequest labels Jun 24, 2020

cagedmantis added this to the Unplanned milestone Jun 24, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

net/http: add support for creating proxied TLS connections #39794

net/http: add support for creating proxied TLS connections #39794

elagergren-spideroak commented Jun 23, 2020 •

edited

cagedmantis commented Jun 24, 2020

net/http: add support for creating proxied TLS connections #39794

net/http: add support for creating proxied TLS connections #39794

Comments

elagergren-spideroak commented Jun 23, 2020 • edited

cagedmantis commented Jun 24, 2020

elagergren-spideroak commented Jun 23, 2020 •

edited