From a33122435a3b4ab0e2b3ead12f001e55425d0f3d Mon Sep 17 00:00:00 2001
From: lo <lo@los-MacBook-Pro.local>
Date: Fri, 11 Aug 2023 15:14:29 +0800
Subject: [PATCH 1/2] Auto detect proxy from environments

---
 src/agent.rs | 18 +++++++++++++++++-
 src/proxy.rs | 24 ++++++++++++++++++++++++
 2 files changed, 41 insertions(+), 1 deletion(-)

diff --git a/src/agent.rs b/src/agent.rs
index 1a76dcfc..d090fcfa 100644
--- a/src/agent.rs
+++ b/src/agent.rs
@@ -37,6 +37,7 @@ pub enum RedirectAuthHeaders {
 /// Accumulates options towards building an [Agent].
 pub struct AgentBuilder {
     config: AgentConfig,
+    no_proxy: bool,
     max_idle_connections: usize,
     max_idle_connections_per_host: usize,
     /// Cookies saved between requests.
@@ -263,6 +264,7 @@ impl AgentBuilder {
                 user_agent: format!("ureq/{}", env!("CARGO_PKG_VERSION")),
                 tls_config: TlsConfig(crate::default_tls_config()),
             },
+            no_proxy: false,
             max_idle_connections: DEFAULT_MAX_IDLE_CONNECTIONS,
             max_idle_connections_per_host: DEFAULT_MAX_IDLE_CONNECTIONS_PER_HOST,
             resolver: StdResolver.into(),
@@ -277,7 +279,12 @@ impl AgentBuilder {
     // AgentBuilder to be used multiple times, except CookieStore does
     // not implement clone, so we have to give ownership to the newly
     // built Agent.
-    pub fn build(self) -> Agent {
+    pub fn build(mut self) -> Agent {
+        if self.config.proxy.is_none() && !self.no_proxy {
+            if let Some(proxy) = Proxy::try_from_system() {
+                self.config.proxy = Some(proxy);
+            }
+        }
         Agent {
             config: Arc::new(self.config),
             state: Arc::new(AgentState {
@@ -306,11 +313,20 @@ impl AgentBuilder {
     /// # Ok(())
     /// # }
     /// ```
+    ///
+    /// # Note
+    /// Adding a proxy will disable the automatic usage of the “system” proxy.
     pub fn proxy(mut self, proxy: Proxy) -> Self {
         self.config.proxy = Some(proxy);
         self
     }
 
+    /// Don't auto detect proxy from system environment, e.g. HTTP_PROXY
+    pub fn no_proxy(mut self) -> Self {
+        self.no_proxy = true;
+        self
+    }
+
     /// Enforce the client to only perform HTTPS requests.
     /// This setting also makes the client refuse HTTPS to HTTP redirects.
     /// Default is false
diff --git a/src/proxy.rs b/src/proxy.rs
index d1ef22ce..4005dc33 100644
--- a/src/proxy.rs
+++ b/src/proxy.rs
@@ -67,6 +67,30 @@ impl Proxy {
         self.user.is_some() && self.password.is_some()
     }
 
+    pub(crate) fn try_from_system() -> Option<Self> {
+        macro_rules! try_env {
+            ($($env:literal),+) => {
+                $(
+                    if let Ok(env) = std::env::var($env) {
+                        if let Ok(proxy) = Self::new(env) {
+                            return Some(proxy);
+                        }
+                    }
+                )+
+            };
+        }
+
+        try_env!(
+            "ALL_PROXY",
+            "all_proxy",
+            "HTTPS_PROXY",
+            "https_proxy",
+            "HTTP_PROXY",
+            "http_proxy"
+        );
+        None
+    }
+
     /// Create a proxy from a format string.
     /// # Arguments:
     /// * `proxy` - a str of format `<protocol>://<user>:<password>@<host>:port` . All parts except host are optional.

From 95d7bfd5c20d26c033b2648799d3ae01337a4a51 Mon Sep 17 00:00:00 2001
From: Martin Algesten <martin@algesten.se>
Date: Sat, 30 Sep 2023 10:04:18 +0200
Subject: [PATCH 2/2] Turn off default proxy detection

---
 src/agent.rs | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/src/agent.rs b/src/agent.rs
index d090fcfa..aa671e9d 100644
--- a/src/agent.rs
+++ b/src/agent.rs
@@ -37,7 +37,7 @@ pub enum RedirectAuthHeaders {
 /// Accumulates options towards building an [Agent].
 pub struct AgentBuilder {
     config: AgentConfig,
-    no_proxy: bool,
+    try_proxy_from_env: bool,
     max_idle_connections: usize,
     max_idle_connections_per_host: usize,
     /// Cookies saved between requests.
@@ -264,7 +264,7 @@ impl AgentBuilder {
                 user_agent: format!("ureq/{}", env!("CARGO_PKG_VERSION")),
                 tls_config: TlsConfig(crate::default_tls_config()),
             },
-            no_proxy: false,
+            try_proxy_from_env: false,
             max_idle_connections: DEFAULT_MAX_IDLE_CONNECTIONS,
             max_idle_connections_per_host: DEFAULT_MAX_IDLE_CONNECTIONS_PER_HOST,
             resolver: StdResolver.into(),
@@ -280,7 +280,7 @@ impl AgentBuilder {
     // not implement clone, so we have to give ownership to the newly
     // built Agent.
     pub fn build(mut self) -> Agent {
-        if self.config.proxy.is_none() && !self.no_proxy {
+        if self.config.proxy.is_none() && self.try_proxy_from_env {
             if let Some(proxy) = Proxy::try_from_system() {
                 self.config.proxy = Some(proxy);
             }
@@ -314,16 +314,20 @@ impl AgentBuilder {
     /// # }
     /// ```
     ///
-    /// # Note
-    /// Adding a proxy will disable the automatic usage of the “system” proxy.
+    /// Adding a proxy will disable `try_proxy_from_env`.
     pub fn proxy(mut self, proxy: Proxy) -> Self {
         self.config.proxy = Some(proxy);
         self
     }
 
-    /// Don't auto detect proxy from system environment, e.g. HTTP_PROXY
-    pub fn no_proxy(mut self) -> Self {
-        self.no_proxy = true;
+    /// Attempt to detect proxy settings from the environment, i.e. HTTP_PROXY
+    ///
+    /// The default is `false`, i.e. not detecting proxy from env since this is
+    /// a potential security risk.
+    ///
+    /// If the `proxy` is set on the builder, this setting has no effect.
+    pub fn try_proxy_from_env(mut self, do_try: bool) -> Self {
+        self.try_proxy_from_env = do_try;
         self
     }