Recently I came up to a few public proxies that were returning 407 status code with Proxy-Authenticate response header while also missing final CRLF to indicate end-of-headers. Curl with such a proxy will repeat the CONNECT request indefinitely.
Here is how to reproduce it:
#!/usr/bin/env pythonimportsockets=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server_address= ('localhost', 8787)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
connection.sendall(b'HTTP/1.1 407 Authentication Required\r\n')
# with this line it will work fine#connection.sendall(b'\r\n')connection.close()