HTTPS_PROXY support issues non-compliant CONNECT requests

[dgnemo]

What version of gRPC are you using?

google.golang.org/grpc v1.73.0

What version of Go are you using (go version)?

1.25.0

What operating system (Linux, Windows, …) and version?

Debian GNU/Linux 12 (bookworm) / amd64

What did you do?

When setting HTTPS_PROXY env variable, grpc-go issues CONNECT requests that lack a port number, when this was omitted in the original target (relying on the 443 default port used elsewhere by gRPC).

This appears to be similar to this other issue that was affecting the C++ gRPC library:
grpc/grpc#26331

I tested this by creating a simple gRPC client example, and using mitmproxy to run an HTTPS_PROXY.

./mitmproxy &
HTTPS_PROXY=127.0.0.1:8080 ./simpleGrpcClient dns:///mytarget.com

What did you expect to see?

simpleGrpcClient should connect to mytarget through the HTTPS_PROXY, by connecting to the proxy and issuing the following HTTP request:

HTTP CONNECT mytarget.com:443

What did you see instead?

simpleGrpcClient connects to the proxy and issues a non-compliant CONNECT requests:

HTTP CONNECT mytarget.com

This was verified by using mitmproxy which printed the following log:

Bad HTTP request line: b'CONNECT mytarget.com HTTP/1.1'

(while it works correctly if I use an explicit target such as: dns:///mytarget.com:443

According to HTTP/1.1 RFC, in the CONNECT method the port information is required as part of the "authority form". See:

• https://datatracker.ietf.org/doc/html/rfc7231#section-4.3.6
• https://datatracker.ietf.org/doc/html/rfc7230#section-5.3.3

A similar issue was present in the C++ gRPC library: grpc/grpc#26227
and was fixed here: grpc/grpc#26331

[eshitachandwani]

Hello @dgnemo , thank you for reporting this. We have a PR out to fix it.