canelohill
commented
1 week ago Fixed by #929 (rollback coreydaley's edits) and #938 (update to use golang.org/x/net/proxy without registration).
Closed imirkin closed 1 week ago
canelohill
commented
1 week ago Fixed by #929 (rollback coreydaley's edits) and #938 (update to use golang.org/x/net/proxy without registration).
jaitaiwan
commented
1 week ago Closing as fixed in master. Will release soon
Is there an existing issue for this?
Current Behavior
No response
Expected Behavior
No response
Steps To Reproduce
No response
Anything else?
https://github.com/gorilla/websocket/commit/666c197fc9157896b57515c3a3326c3f8c8319fe
This change seems to have switched from the private proxy copy into the project-wide golang.org/x/net/proxy. (It's vendored here, but if one vendors websocket, then it will end up using the sharedly-vendored variant.) Since the registration comes from init() there's no way to prevent it even if the client functionality in question is not needed or desired. Previously this was done into a private "copy" of the proxy logic, which was fine since it was entirely scoped to the websocket client logic. But now it's leaking out.