Skip to content

feat(ProxyAgent) improve Curl-y behavior in HTTP->HTTP Proxy connections (#4180) #4340

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jul 24, 2025
Merged

feat(ProxyAgent) improve Curl-y behavior in HTTP->HTTP Proxy connections (#4180) #4340

merged 3 commits into from
Jul 24, 2025
+457 −87

Conversation

caitp
Copy link
Contributor

@caitp caitp commented Jul 16, 2025

This refactors the way the legacy unsecured behaviour is implemented, by wrapping the Proxy client in a wrapper which rewrites requests, and handles errors. This will also insert authentication headers in each request.

CURRENTLY:

For nonsecure channels, clients allocated by the pool all delegate to the proxy client, and reuse the same HttpContext. This is probably not a good thing, but at least in cases where only one request is performed at a time, it seems harmless enough. In order to make this ready to land, this probably needs to handle simultaneous concurrent requests and have a test for that.

This relates to...

Rationale

Changes

Features

Bug Fixes

Breaking Changes and Deprecations

Status

metcoder95
metcoder95 reviewed Jul 17, 2025
View reviewed changes
Copy link
Member

@metcoder95 metcoder95 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The changes lgtm, and I'm aligned with them; tho this seems like a breaking change that might be better to keep disabled by default and change it once in the next major

lib/dispatcher/proxy-agent.js Outdated
Comment on lines 67 to 71
// FIXME: remove wrapper from the pool
}

async [kDestroy] () {
await this.#client.destroy()
// FIXME: remove wrapper from the pool
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why not close the this.#client?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

as noted in the PR description, this.#client is currently the original Proxy client -- which I think is actually a huge problem, but I haven't written a test yet to demonstrate that it is, which is probably next up. Maybe it's actually fine to reuse the same HttpContext for concurrent requests, but I suspect it isn't

But given that it is the Proxy server client, closing it breaks the ProxyAgent

@caitp
Copy link
Contributor Author

caitp commented Jul 22, 2025

I've attempted to add a test for this reuse of the HttpContext, and haven't been able to reproduce any issues yet (although the test case is pretty small) -- so maybe it actually does work?

but still need to look into the other CI failures.

@caitp caitp force-pushed the NoTunnelByDefault branch from 9cb8d42 to 8881567 Compare July 23, 2025 20:25
caitp added 3 commits July 23, 2025 16:25
@caitp
feat(ProxyAgent) improve Curl-y behavior in HTTP->HTTP Proxy connecti…
0180741 
…ons (nodejs#4180)

This refactors the way the legacy unsecured behaviour is implemented, by wrapping the Proxy client in a wrapper which rewrites requests, and handles errors. This will also insert authentication headers in each request.
@caitp
add a test to attempt multiple concurrent connections with a single H…
f863865 
…ttpContext
@caitp
be explicit about proxyTunnel status in each ProxyAgent test
8881567
@caitp
Copy link
Contributor Author

caitp commented Jul 23, 2025

summary of the changes:

  • factory can now be passed to ProxyAgent again, which was needed to get tests using MockAgent etc working. By default, it will use something lifted from Agent.js's defaultFactory, which takes options.connections into account to decide whether to creates a Pool or a Client.
  • Http1ProxyWrapper no longer reuses the existing connection to the Proxy, but instead creates a new one, and retains it for the life time of the ProxyWrapper. The wrapper is responsible for rewriting requests in the format of HTTP1 non-tunneling proxy requests
  • proxyTunnel now defaults to true again, so the non-tunneling becomes opt-in again (was already the case in the last update) -- however now, tests have been updated to explicitly specify the proxyTunnel value, so that it's less of a change needed when flipping the flag.

@metcoder95 metcoder95 requested a review from mcollina July 24, 2025 08:03
mcollina
mcollina approved these changes Jul 24, 2025
View reviewed changes
Copy link
Member

@mcollina mcollina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@mcollina mcollina merged commit b7513d4 into nodejs:main Jul 24, 2025
27 checks passed
@github-actions github-actions bot mentioned this pull request Jul 31, 2025
Merged
@JoshMock JoshMock mentioned this pull request Aug 7, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mcollina mcollina mcollina approved these changes

@metcoder95 metcoder95 metcoder95 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@caitp @mcollina @metcoder95