search

edicl / drakma

HTTP client written in Common Lisp
http://edicl.github.io/drakma/
249 stars 58 forks source link

Fix `:real-host` support for HTTPS connections #104

Closed ieure closed 4 years ago

ieure commented 4 years ago

The :real-host feature is broken for HTTPS. Evaluating:

(drakma:http-request "https://github.com/404" :real-host "192.30.255.112" :redirect nil)

Produces:

Unable to establish HTTPS tunnel through proxy.
   [Condition of type SIMPLE-ERROR]

Specifying the port also doesn’t work, but in a different way:

(drakma:http-request "https://github.com/404" :real-host '("192.30.255.112" 443) :redirect nil)

No status line - probably network error.
   [Condition of type DRAKMA::DRAKMA-SIMPLE-ERROR]

There are two bugs.

proxying-https-p is truthy when real-host is specified, because real-host is copied to proxy. This causes Drakma issue a CONNECT verb the remote server doesn’t honor.

The fix for the first case is to inhibit setting proxying-https-p if real-host is specified.

However, this still breaks in the case where the real-host doesn’t include a port, because the proxy port is always set to 80 when omitted, and it’s already been set from real-host.

The second fix is to ignore proxy and take port from the URI when real-host is specified.