net/http: error if Transport.Proxy returns https

Transport.Proxy is documented as only supporting the http and socks5
schemes. If one tries to use it for https URLs, they end up with a
cryptic error like:

	http: TLS handshake error from [...]: tls: oversized record received with length 20037

This is because Transport simply skips TLS if Proxy is non-nil, since it
knows it doesn't support Proxy with https.

However, that error is very confusing and it can take a while to figure
out what's going on. Instead, error if Proxy is used and it returns an
unsupported scheme.

Updates #19493.

Change-Id: Ia036357011752f45bb9b8282a4ab5e31bc8d1a69
Reviewed-on: https://go-review.googlesource.com/66010
Run-TryBot: Daniel Martí <mvdan@mvdan.cc>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Tom Bergan <tombergan@google.com>

diff --git a/src/net/http/transport.go b/src/net/http/transport.go
index 9182e9454b98625b03cf4f212ebec9708e5f7984..5f2ace7b4b4fcf703f00c10a987720f35f0592ea 100644 (file)
--- a/src/net/http/transport.go
+++ b/src/net/http/transport.go
@@ -618,6 +618,11 @@ func (t *Transport) connectMethodForRequest(treq *transportRequest) (cm connectM
                        if port := cm.proxyURL.Port(); !validPort(port) {
                                return cm, fmt.Errorf("invalid proxy URL port %q", port)
                        }
+                       switch cm.proxyURL.Scheme {
+                       case "http", "socks5":
+                       default:
+                               return cm, fmt.Errorf("invalid proxy URL scheme %q", cm.proxyURL.Scheme)
+                       }
                }
        }
        return cm, err