Redirect bug - failed to round trip: net/http: HTTP/1.x transport connection broken

[dushankw]

Hello,

Thank you for open sourcing this excellent library!

I am starting to play with it and have noticed an issue with the sample code that suggests an issue in the library itself.

I have built the example and have it working perfectly for most sites (with a new CA I have generated and added to my trust store for TLS MitM), I have also removed the proxy authentication in the example.

I am testing it on Linux via chromium-browser --proxy-server="https://127.0.0.1:3333" so there's no iptables manipulation going on to add complexity.

The problem is that the proxy breaks on the login for ChatGPT https://chat.openai.com/auth/login

I am unsure if AdGuard itself is impacted, as I am not currently running it.

The log output from my proxy binary is as follows:

2024/03/04 11:51:07 7271#321 [debug] id=100022-1-1-2: handle request POST https://chat.openai.com/api/auth/signin/login-web?prompt=login
2024/03/04 11:51:07 7271#321 [error] id=100022-1-1-2: failed to round trip: net/http: HTTP/1.x transport connection broken: http: ContentLength=100 with Body length 0
2024/03/04 11:51:07 7271#321 [debug] id=100022-1-1-2: received response 502 Bad Gateway
2024/03/04 11:51:07 7271#321 [info] onResponse: https://chat.openai.com/api/auth/signin/login-web?prompt=login
2024/03/04 11:51:07 7271#321 [debug] id=100022-1-1-2: received close request
2024/03/04 11:51:07 7271#321 [debug] id=100022-1-1: closing connection due to: closing connection
2024/03/04 11:51:07 7271#321 [debug] id=100022: closing connection due to: closing connection

Based specifically on failed to round trip: net/http: HTTP/1.x transport connection broken: http: ContentLength=100 with Body length 0, what I believe is happening here is as follows:

0. The ChatGPT front end loads successfully via the proxy
1. You click login and a request is made to the login service - the front end is a React application so it is not making a full reload of the page (NOTE: Possibly other React applications may be impacted - I will update the issue if I find more)
2. Because a new request has not been made, the body is now empty because the http.request body is a buffer and once it is read in the first call, the buffer becomes empty and there is no body content to send in redirect call.

@ameshkov if you could please advise I would greatly appreciate it, thank you!

[dushankw]

@ameshkov I poked around at some other React apps I know of, and it seems to not work on Facebook as well, same issue on its login.

Eg: go to facebook.com > Click Login button.

2024/03/04 12:31:48 7841#3643 [debug] id=100189: waiting for request
2024/03/04 12:31:48 7841#3643 [debug] id=100189-1: handle request CONNECT http://www.facebook.com:443
2024/03/04 12:31:48 7841#3643 [debug] id=100189-1: connecting to host: www.facebook.com:443
2024/03/04 12:31:48 7841#3643 [debug] id=100189-1: connecting to tcp://www.facebook.com:443
2024/03/04 12:31:48 7841#3643 [debug] id=100189-1: attempting MITM for connection
2024/03/04 12:31:48 7841#3643 [info] onResponse: http://www.facebook.com:443
2024/03/04 12:31:48 7841#3643 [debug] mitm: cache hit for www.facebook.com
2024/03/04 12:31:48 7841#3643 [debug] id=100189-1-1: waiting for request
2024/03/04 12:31:48 7841#3643 [debug] id=100189-1-1-1: handle request POST https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=<REDACTED>
2024/03/04 12:31:48 7841#3643 [error] id=100189-1-1-1: failed to round trip: net/http: HTTP/1.x transport connection broken: http: ContentLength=1940 with Body length 0
2024/03/04 12:31:48 7841#3643 [debug] id=100189-1-1-1: received response 502 Bad Gateway
2024/03/04 12:31:48 7841#3643 [info] onResponse: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=<REDACTED>
2024/03/04 12:31:48 7841#3643 [debug] id=100189-1-1-1: received close request
2024/03/04 12:31:48 7841#3643 [debug] id=100189-1-1: closing connection due to: closing connection
2024/03/04 12:31:48 7841#3643 [debug] id=100189: closing connection due to: closing connection

[ameshkov]

So far I cannot reproduce this issue.

Could you please modify the example and remove the onResponse handler? It demonstrates how you can modify the response body, but it probably can mess with some websites.