DialTLSContext is documented as only being used for non-proxied requests.
This is problematic because it means HTTPS CONNECT requests always use crypto/tls. This can violate business requirements and so on. (And can also lead to difficult to debug errors if you, uh, forget that DialTLSContext is only for non-proxied requests. Or if the proxy is added later.)
Ideally, Transport would have a Client(net.Conn, ...) net.Conn field that, if nil, would default to crypto/tls.
The text was updated successfully, but these errors were encountered: