Fix ALPN protocol identifier for HTTP/1.1#142
Closed
pimterry wants to merge 1 commit intoTooTallNate:mainfrom
Closed
Fix ALPN protocol identifier for HTTP/1.1#142pimterry wants to merge 1 commit intoTooTallNate:mainfrom
pimterry wants to merge 1 commit intoTooTallNate:mainfrom
Conversation
Owner
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The ALPN identifier that https-proxy-agent uses for TLS is not correct. The IANA registry of valid values is here and you can see that for HTTP/1.1 it specifically has to be byte-identical to
http/1.1(note the slash) andhttp 1.1as used here is not a valid identifier.Because of this, ALPN negotiation always fails right now. Normally that's fine, because most TLS servers just fall back to plain HTTP anyway, but as of Node v19+, Node.js servers that use ALPN will reject all incoming connections that try to use ALPN but can't successfully agree on a protocol (according to the spec, everybody should be doing this really). Quite a lot of proxy servers do use ALPN, because it's effectively required to be able to use HTTP/2, so this may cause problems now that Node v20 is out (it breaks my tests, for one)
Anyway, it's fortunately a very quick and easy fix with no downside 😄