x/net/http/httproxy: empty Host should bypass proxy #52988
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
We are simulating a behavior where CoreDNS health plugin sends http requests via http_proxy to the
http://:8080/health
which is listened by the health plugin itself. We found that if we specifyhttp://127.0.0.1:8080/
, it won't connect to proxy, but only when we specifyhttp://:8080/health
it will always connect to proxy.Sample code below which uses net/http with default transport, that mimics CoreDNS overloaded function in health plugin, configure
export http_proxy=http://127.0.0.1:8000
before run:What did you expect to see?
Get "http://:8080/health": dial tcp 127.0.0.1:8080: connect: connection refused
should show since it shouldn't reach proxyWhat did you see instead?
Get "http://:8080/health": proxyconnect tcp: dial tcp 127.0.0.1:8000: connect: connection refused
Note that useProxy function specifically checks "localhost" and loopback, does it make sense to also use proxy if hostname not provided?
See also: #1589 and #28866, note that in this scenario, it isn't possible to use no_proxy to exempt proxy usage, as no_proxy skips empty strings.
The text was updated successfully, but these errors were encountered: