Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Contribution to fix multiple issues with proxy support

See original GitHub issue

Describe the issue

This is not exactly a support question, but your PR bot is extremely aggressive and does not allow submitting a blank report, even one created from the New Issue flow.) On with the issue… 🤞

Hi! 👋

Firstly, thanks for your work on this project! 🙂

Today I used patch-package to patch axios@0.24.0 for the project I’m working on.

At first I tried using some of the suggestions here like using https-proxy-agent, but it is severely limited in that it does not normal agent options (I hear it’s a regression, and the lib is more or less abandoned). So I went for a deep-dive and I managed to isolate a certain number of flaws. I fixed them using patch-package but I’m willing to contribute them back and open separate PRs for each of these issues (along with tests), when time permits. Would you welcome this?

Issues I believe my changes can fix:

https://github.com/axios/axios/issues/3384 (this is a one-liner, axios doesn’t actually allow HTTPS over HTTP due to a simple logic mixup)
https://github.com/axios/axios/issues/3903 (axios doesn’t set the proxy protocol in setProxy, which is a problem when the proxy protocol and upstream protocol don’t match)
https://github.com/axios/axios/issues/3459 (might also be related to the same cause as #3459 or #3384)
https://github.com/axios/axios/issues/4165 (likely a mix of the above, but also possibly related to relative redirects not properly supported due to a bug in follow-redirects

Other changes that I made in my patch:

Enable re-evaluation of http_proxy, https_proxy and no_proxy (when not passing an explicit proxy config option) when following redirects (http_proxy and https_proxy could be configured differently)

The patch is fairly large and would probably be better conveyed as multiple PRs, but I’ll share it below. (We have 160 tests in our project confirming the patch solves a number of issues, but I can’t share them here; I would contribute with axios test coverage instead.)

Example Code

N/A

Expected behavior, if applicable

N/A

Environment

Axios Version [0.24.0]
Adapter [HTTP]
Browser [(N/A)]
Browser Version [(N/A)]
Node.js Version [12.20.0]
OS: [Windows 10, macOS Catalina]
Additional Library Versions [follow-redirects@1.14.5]

Additional context/Screenshots

N/A

Issue Analytics

State:
Created 2 years ago
Reactions:1
Comments:13 (11 by maintainers)

Top GitHub Comments

2reactions

mbargielcommented, Jan 19, 2022

@Amorites @jasonsaayman I definitely want to contribute this as a PR, when time permits. I was planning on splitting it into 3 actually, since it’s addressing 3 different issues.

I also discovered since then that Axios does not have support for HTTP CONNECT, meaning that when using a proxy with HTTP (unencrypted) to reach out to HTTPS endpoint URLs, the connection is not encrypted end to end, but actually unencrypted between the client and the proxy. If HTTPS is used to connect to the proxy as well, then it only works if the proxy is able to generate an SSL certificate on the fly and play Man-in-the-Middle (ie intercept the connection). In any case, in this modern age, it is not unreasonable to expect proxy clients to implement use HTTP CONNECT when accessing for HTTPS over HTTP(S) proxies and enable end-to-end encryption. Unfortunately, fixing this in Axios is somewhat trickier (with respect to supporting user-provided agents or agent configurations…); I tried creating a patch to use the unsupported tunnel library, but that would be a kind of bandaid, especially considering tunnel has not been active for almost 4 years now.

2reactions

jasonsaaymancommented, Jan 19, 2022

@mbargiel please can you put this in a pull request and tag me? If you cant I will