[jira] [Created] (HTTPCLIENT-2401) RequestUpgrade interceptor tries to upgrade the connection when using proxies

Fri, 17 Oct 2025 12:00:44 -0700 

Lakatos Gyula created HTTPCLIENT-2401:
-----------------------------------------

             Summary: RequestUpgrade interceptor tries to upgrade the 
connection when using proxies
                 Key: HTTPCLIENT-2401
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2401
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: HttpClient (classic)
    Affects Versions: 5.5.1
            Reporter: Lakatos Gyula


The {{RequestUpgrade}} interceptor tries to upgrade the connection to TLS 1.2 
when proxies are being used. Most proxies don't support HTTPS connections, only 
HTTP tunneling (via {{{}CONNECT{}}}).

Here is a trivial example that reproduces the error:
{code:java}
package com.example.proxy.apachehttpclient5;

import org.apache.hc.client5.http.classic.methods.HttpGet;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.io.entity.EntityUtils;

import java.io.IOException;

public class Main {

    public static void main(String[] args) throws IOException {
        try (final CloseableHttpClient httpclient = HttpClients.custom()
                .setProxy(new HttpHost("proxy.scrape.do", 8080))
                .build()) {

            final HttpGet request = new HttpGet("http://crawler-test.com/";);

            request.setHeader("Proxy-Authorization", "Basic xyz");

            String responseContent = httpclient.execute(request, response ->
                    EntityUtils.toString(response.getEntity()));

            System.out.println(responseContent);
        }
    } {code}
The proxy service returns with a 400 Bad Request.

As a workaround, the logic in the {{RequestUpgrade}} interceptor can be 
disabled with a {{RequestConfig}} that sets {{protocolUpgradeEnabled}} to 
false. However, I think the default behavior is still incorrect in this case 
and is highly unexpected. It took me a significant amount of digging around to 
figure out what's going on in the background.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to