fix: -pr http11 flag ignored due to HTTP/2 fallback in retryablehttp-go

[SolariSystems]

Summary

Fixes #2240

Changes Made

Clean, minimal, and correct fix. The 3-line option change properly threads the HTTP/1.1 preference into retryablehttp-go's existing DisableHTTP2Fallback guard (verified at do.go:63 and client.go:119), the string-literal-to-constant cleanup is a welcome bonus, and the two unit tests directly verify the structural invariant that makes the fix work.

Verification

• Build: PASS
• Tests: PASS
• Lint: PASS

/claim #2240

Summary by CodeRabbit

• Bug Fixes

  • Prevented unintended HTTP/2 upgrades when running in HTTP/1.1-only mode by making the fallback client reuse the primary client's transport, improving retry and error behavior.

• Tests

  • Added tests to verify HTTP/1.1-only behavior (fallback client reuses transport) and the default behavior preserving HTTP/2 fallback.

[neo-by-projectdiscovery-dev]

Neo - PR Security Review

No security issues found

Highlights

• Added NotSame assertion to verify HTTPClient2 remains distinct from HTTPClient in default mode
• Changes are purely test-related and strengthen test coverage for HTTP/2 fallback behavior
• All security scanners (TruffleHog, Semgrep, ast-grep) report zero findings

_{Comment @neo help for available commands. · Open in Neo}

[Mzack9999]

failing tests

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f561ba1 and f58d184.

📒 Files selected for processing (1)

• common/httpx/httpx_test.go

🚧 Files skipped from review as they are similar to previous changes (1)

• common/httpx/httpx_test.go

---

Walkthrough

Replaces a string protocol check with a constant and, when HTTP/1.1-only mode (HTTP11) is selected, makes the HTTP/2-fallback client reuse the primary client's transport to prevent silent HTTP/2 upgrades. Tests added to verify both HTTP11 and default behaviors.

Changes

Cohort / File(s)	Summary
HTTP/1.1 Protocol Configuration common/httpx/httpx.go	Use HTTP11 constant instead of string; when Options.Protocol == HTTP11, set client.HTTPClient2 = client.HTTPClient so the HTTP/2 fallback shares the same transport.
HTTP/1.1 Fallback Tests common/httpx/httpx_test.go	Add TestHTTP11DisablesHTTP2Fallback and TestDefaultProtocolKeepsHTTP2Fallback to assert HTTPClient2 equals primary client in HTTP11 mode and is non-nil by default.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 I nudge the transport, tidy and spry,
One client used, no sly upgrade by.
A constant chosen, routing made plain,
Tests hop in to guard the plain lane.
Quiet change, a rabbit's small refrain.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 75.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main fix: addressing HTTP/2 fallback behavior when the HTTP/1.1 protocol flag is used.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@common/httpx/httpx_test.go`:
- Around line 28-38: Update TestDefaultProtocolKeepsHTTP2Fallback to not only
assert ht.client.HTTPClient2 is non-nil but also assert it is a distinct
instance from ht.client.HTTPClient by adding a require.NotSame (or
require.NotEqual with pointer comparison) between ht.client.HTTPClient and
ht.client.HTTPClient2; keep the existing require.NotNil check and use the same
test helper names (TestDefaultProtocolKeepsHTTP2Fallback, New, Options,
ht.client.HTTPClient, ht.client.HTTPClient2) so the test ensures HTTP/2 fallback
remains separate from the main HTTPClient.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b23103e and a931451.

📒 Files selected for processing (2)

• common/httpx/httpx.go
• common/httpx/httpx_test.go

[SolariSystems]

@Mzack9999 Fixed — the build failure was caused by referencing DisableHTTP2Fallback which doesn't exist in retryablehttp-go yet (there are open PRs for it but none merged).

Instead, the fix now overrides HTTPClient2 to reuse the same HTTP/1.1 transport after client creation:

if httpx.Options.Protocol == HTTP11 {
    httpx.client.HTTPClient2 = httpx.client.HTTPClient
}

This prevents retryablehttp-go's automatic HTTP/2 fallback without requiring upstream changes. Tests updated accordingly — both build and tests pass locally.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@common/httpx/httpx_test.go`:
- Around line 16-26: The test TestHTTP11DisablesHTTP2Fallback calls New(&opts)
which may mutate the process-wide GODEBUG; to avoid leaking state restore the
original value around that call by saving os.LookupEnv("GODEBUG") (or use
t.Setenv if available) before calling New and defer restoring it after (or rely
on t.Setenv to automatically revert); update the test to capture the original
GODEBUG, set/restore it so New(Options{Protocol: HTTP11}) cannot leave GODEBUG
changed, leaving the rest of the assertions (require.Nil and require.Same)
unchanged and referencing the same New, Options, and Protocol/HTTP11 symbols.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a931451 and f561ba1.

📒 Files selected for processing (1)

• common/httpx/httpx_test.go