Using CONNECT the Host header has the proxy host:port as value instead of the origin server host:port #32
Comments
|
I have same issue, and send patch to original node-tunnel project. |
|
Hello @mikeal, I've raised a PR nodejs/node#36805 for Node.js runtime to fix this issue #32. Thank you :) |
3 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
First of all, thanks for your work.
I am having a problem related to this project and I have thought, worked and researched a lot before writing here an issue, and I have tried to explain it properly.
In my network there is a proxy where my requests are sent through to reach public internet.
In my project I have a dependency on
grunt-contrib-imageminthat, through several hierarchy dependencies, has dependencies ongifsicle,jpegtran-binandoptipng-binpackages.I resolve those 3 dependencies sucessfully doing
npm install, but the 3 of them have their own postinstall script callingnode lib/install.jswhich finally usestunnel-agent(version "0.4.3") to download some binary files (last recent version oftunnel-agentalso has this problem).When executing that script the 3 of them finish like below:
So the proxy is giving a 504 error (please note that the dependencies had been downloaded sucessfully through the proxy).
I have debugged
tunnel-agentand here you can find my conclussions.As I am below an HTTP proxy and the files requested are hosted in a server with HTTPS,
tunnel-agentuses the functionhttpsOverHttp.In that function a
CONNECTrequest is created to ask the proxy to create a TLS connection to get the file from the origin server.I have taken the request from Wireshark monitoring and it is as follows:
As I have shown I am getting a 504 error from the Proxy saying that The requested URL couldn't be resolved. So I tested same request using
curlcommand throughcurl -v <origin server domain>:<origin server port>/fileand curl suceeded creating the tunnel and getting the file. I took the request from Wireshark and it was the following:If you check it,
curlwrites the origin server domain and port also in theHostheader.To confirm my theory about that
tunnel-agentwould be fixed also doing the same with the Host header, I have modified the file/tunnel-agent/index.js, functionTunnelingAgent.prototype.createSocketadding the following just before the request is executed (so before linevar connectReq = self.request(connectOptions)):And it has worked. The tunnel is created and the file downloaded.
I have researched in the RFC of HTTP and also in some documentation references like MDN about if the Host header should contain the origin host and port as
curldoes and look:In the RFC it is not clearly said what should be the value of the Host header, but all the examples of the RFC and also MDN documentation reflect that the Host header has to be equal to the HTTP target, so equal to the origin server host&port. Maybe it is explained in some other part of the RFC I have not found.
In addition just to mention that with Wireshark I understood that the proxy host and port are only needed when doing the TCP connection previous to communicate by HTTP, so the proxy host and port are not needed in the HTTP request.
Do you think I am right?
Do you think I am wrong?
Do you have any official documentation resources that explain that what
tunnel-agentis doing with the Host header is fine?For me it is clear that it should be as
curldoes.If you find this make sense, could you fix it?
I hope you can check it and agree, as it is being a hard problem while working under the proxy, and I always need to be under the proxy as we also have dependencies that need to be downloaded from an internal registry that is inside the normal network.
Thanks!
The text was updated successfully, but these errors were encountered: