net/http: add support for creating proxied TLS connections #39794

elagergren-spideroak · 2020-06-23T23:20:48Z

DialTLSContext is documented as only being used for non-proxied requests.

This is problematic because it means HTTPS CONNECT requests always use crypto/tls. This can violate business requirements and so on. (And can also lead to difficult to debug errors if you, uh, forget that DialTLSContext is only for non-proxied requests. Or if the proxy is added later.)

Ideally, Transport would have a Client(net.Conn, ...) net.Conn field that, if nil, would default to crypto/tls.

The text was updated successfully, but these errors were encountered:

cagedmantis · 2020-06-24T19:19:40Z

/cc @bcmills @bradfitz

cagedmantis added NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. FeatureRequest labels Jun 24, 2020

cagedmantis added this to the Unplanned milestone Jun 24, 2020

net/http: add support for creating proxied TLS connections #39794

net/http: add support for creating proxied TLS connections #39794

elagergren-spideroak commented Jun 23, 2020 •

edited

cagedmantis commented Jun 24, 2020

net/http: add support for creating proxied TLS connections #39794

net/http: add support for creating proxied TLS connections #39794

Comments

elagergren-spideroak commented Jun 23, 2020 • edited

cagedmantis commented Jun 24, 2020

elagergren-spideroak commented Jun 23, 2020 •

edited