New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Disable tunnel for http2 requests #3321
base: main
Are you sure you want to change the base?
Disable tunnel for http2 requests #3321
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, can you please add an unit test to make sure this isn't lost in a later refactoring? And make sure this does not break existing tests.
Also, please make sure to add "Closes #XXXX" in your pull request description. This closes the issue automatically when the pull request is merged, and helps understanding what you're fixing. I've just edited your pull request to include that.
I'm also imagining a test case that checks the bytes sent over the socket for the absence of the "h2" ALPN in the TLS ClientHello, I believe we do something similar for server name? |
I did not know, but we do have a SNI socketlevel test: urllib3/test/with_dummyserver/test_socketlevel.py Lines 108 to 133 in d7bb83b
We will eventually have to adapt this to test to include checking that the And since the request does not go out, it does not have to be a test that includes a server in |
@pquentin Should i override set_tunnel in connection pool or writing the check in init is fine? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for this PR, I have a suggestion that'll ensure the test case is useful into the near future where HTTPSConnection
begins speaking HTTP/2 on its own (without a separate connection).
The approach would be:
- Setup a socket server that records the handshake bytes
- Send a tunnel proxy connection with TLS handshake
- Assert that the bytes for an ALPN of
http/1.1
are there, but noth2
.
This way in the future when the two connections are combined together this test case is still useful and it removes the need for the other tests.
See this test which verifies that the hostname is in the initial TLS handshake via SNI: https://github.com/urllib3/urllib3/blob/main/test/with_dummyserver/test_socketlevel.py#L103 Can assert the |
Thanks! Can you please look into the CI failures? |
sock.close() | ||
|
||
self._start_server(echo_socket_handler) | ||
base_url = f"http://{self.host}:{self.port}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is using HTTP, tunneling and ALPN are TLS features so requires HTTPS. It's expected for the handshake to fail, we want to see what ALPN values are being offered and not complete the handshake.
with proxy_from_url(base_url) as proxy: | ||
r = proxy.request("GET", "http://google.com/") | ||
assert r.status == 200 | ||
assert b"HTTP/1.1" in self.buf |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For ALPN the value is b"http/1.1"
.
Closes #3298