fix: respect rejectUnauthorized and ca opts when proxying https #725
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR fixes #362
Problem
When Bruno would make SSL/TLS connections through a proxy, it would not respect connection options like
rejectUnauthorized
orca
. This was making it difficult to use when going through a self-signing MiTM proxy, or using a custom certificate authority.Cause
The issue was caused by an upstream bug in https-proxy-agent, where it doesn't permit options to be passed down when upgrading sockets to TLS:
The same underlying issue has been reported against multiple versions of that library over the years. As you can see in the comments, people have either switched to other libraries, or patched it to pass down such options:
Solution
The solution employed here is to patch the class, similar to what others have done.
When/if the issue is fixed in
proxy-agents
, that should be used instead.Note to Reviewers:
proxy-util.js
file, which is currently duplicated for CLI and Electron. I didn't see a good way to just have one copy of the code. Maybe the JS package would make sense eventually -- there seems to be lots of opportunity for consolidating common code there.proxy.enabled: true
but it's saved asproxy.use: true
in mybruno.json
file in the collection dir. I didn't try to address that as part of the PR, as it seems a separate topic.Contribution Checklist: