Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net/http: Client.Do() panics when URL includes HTTP basic auth [1.13 backport] #34882

gopherbot opened this issue Oct 13, 2019 · 2 comments


Copy link

@gopherbot gopherbot commented Oct 13, 2019

@odeke-em requested issue #34878 to be considered for backport to the next 1.13 minor release.

Thank you for the report @bradleyjkemp!

This a new panic in Go1.13 that stems from the fact that invoking Header.Clone() when Header is nil returns a nil map as we implemented in CL to solve the inconsistency behavior of Clone as per #33141, but we didn't go through all the call sites to check that the map was nil before assignment.

The code posted up used to work in Go1.12 and before, now fails in Go1.13.
/cc @andybons @bradfitz @FiloSottile for awareness

@gopherbot please backport this issue to Go1.13.

Copy link

@gopherbot gopherbot commented Oct 14, 2019

Change mentions this issue: [release-branch.go1.13] net/http: fix Transport panic with nil Request.Header

Copy link

@gopherbot gopherbot commented Oct 14, 2019

Closed by merging 2018d43 to release-branch.go1.13.

@gopherbot gopherbot closed this Oct 14, 2019
gopherbot pushed a commit that referenced this issue Oct 14, 2019

For Go 1.13 we introduced Header.Clone and it returns
nil if a nil Header is cloned. Unfortunately, though,
this exported Header.Clone nil behavior differed from
the old Go 1.12 and earlier internal header clone
behavior which always returned non-nil Headers.
This CL fixes the places where that distinction mattered.

Fixes #34882

Change-Id: Id19dea2272948c8dd10883b18ea7f7b8b33ea8eb
Run-TryBot: Emmanuel Odeke <>
TryBot-Result: Gobot Gobot <>
Reviewed-by: Brad Fitzpatrick <>
(cherry picked from commit 9969c72)
@katiehockman katiehockman modified the milestones: Go1.13.2, Go1.13.3 Oct 17, 2019
@golang golang locked and limited conversation to collaborators Oct 16, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
You can’t perform that action at this time.