From e61c5e2f2044c7bc606ebdfbd0187598b90c50e5 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Daniel=20Mart=C3=AD?= Date: Mon, 25 Sep 2017 17:21:39 +0100 Subject: [PATCH] net/http: error if Transport.Proxy returns https MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Transport.Proxy is documented as only supporting the http and socks5 schemes. If one tries to use it for https URLs, they end up with a cryptic error like: http: TLS handshake error from [...]: tls: oversized record received with length 20037 This is because Transport simply skips TLS if Proxy is non-nil, since it knows it doesn't support Proxy with https. However, that error is very confusing and it can take a while to figure out what's going on. Instead, error if Proxy is used and it returns an unsupported scheme. Updates #19493. Change-Id: Ia036357011752f45bb9b8282a4ab5e31bc8d1a69 Reviewed-on: https://go-review.googlesource.com/66010 Run-TryBot: Daniel Martí TryBot-Result: Gobot Gobot Reviewed-by: Tom Bergan --- src/net/http/transport.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/net/http/transport.go b/src/net/http/transport.go index 9182e9454b..5f2ace7b4b 100644 --- a/src/net/http/transport.go +++ b/src/net/http/transport.go @@ -618,6 +618,11 @@ func (t *Transport) connectMethodForRequest(treq *transportRequest) (cm connectM if port := cm.proxyURL.Port(); !validPort(port) { return cm, fmt.Errorf("invalid proxy URL port %q", port) } + switch cm.proxyURL.Scheme { + case "http", "socks5": + default: + return cm, fmt.Errorf("invalid proxy URL scheme %q", cm.proxyURL.Scheme) + } } } return cm, err -- 2.48.1