Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Proxy support does not work properly with CONNECT on https requests
See original GitHub issueDescribe the bug
Using Axios 0.26.1 behind a corporate HTTP tunneling proxy to an HTTPS destination, once the proxy connection is made, a POST method is issued, rather than a CONNECT to establish the TLS tunnel to the destination host where the POST should be sent. Result is Error: socket hang up, as the proxy expects a CONNECT to be issued and drops the connection
Specifically, using wireshark to monitor the activity of the script goes as follow:
TCP SYN < TCP SYN, ACK TCP ACK HTTP POST < TCP FIN, ACK TCP ACK
If you use curl with the same environment, the packets are as follows:
TCP SYN < TCP SYN, ACK TCP ACK HTTP CONNECT < HTTP Connection established TCP ACK TLS Client Hello < TLS Server Hello … encrypted POST and response follows
To Reproduce
export http_proxy="http://user:password@10.123.173.125:80"
export https_proxy="http://user:password@10.123.173.125:80"
http.post('https://api.github.com/user/repos', {});
Expected behavior
When connecting to an HTTPS server through a tunneling HTTP proxy, the CONNECT method should be used to establish the TLS handshake before issuing the POST
Environment
- Axios Version 0.26.1
- Adapter HTTP
- Node.js Version 14.8.0
- OS: Windows 10 (10.0.19042.1526)
Issue Analytics
- State:
- Created 2 years ago
- Reactions:9
- Comments:7 (1 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
If anyone is interested in trying out HTTPS-over-HTTP support in Axios, feel free to check https://github.com/axios/axios/pull/5037. The implementation has some limitations (no redirects) but maybe it still fits your use cases. Would love to hear back from you!
Edit: Not directly related to this issue, but please note that there is currently (as of 1.1.2) some trouble around a breaking change in the proxy configuration: https://github.com/axios/axios/issues/5079
Why is the “possible bug” label removed? Clearly the automatic proxy configuration is incorrect. If the protocol is HTTPS and the
HTTPS_PROXYenvironment variable set, the client should use the tunnel protocol by sending a CONNECT request, wait to get a 200 OK back and then send the original request on the same connection.