Over HTTPS, per request proxy auth header should only be sent on CONNECT, close #1153

slandelle · slandelle · commit 67f1cd669630 · 2016-05-12T01:07:56.000+02:00
diff --git a/client/src/main/java/org/asynchttpclient/netty/request/NettyRequestFactory.java b/client/src/main/java/org/asynchttpclient/netty/request/NettyRequestFactory.java
@@ -199,7 +199,10 @@ public NettyRequest newNettyRequest(Request request, boolean forceConnect, Proxy
 
         // don't override authorization but append
         addAuthorizationHeader(headers, perRequestAuthorizationHeader(realm));
-        setProxyAuthorizationHeader(headers, perRequestProxyAuthorizationHeader(proxyRealm));
+        // only set proxy auth on request over plain HTTP, or when performing CONNECT
+        if (!uri.isSecured() || connect) {
+            setProxyAuthorizationHeader(headers, perRequestProxyAuthorizationHeader(proxyRealm));
+        }
 
         // Add default accept headers
         if (!headers.contains(ACCEPT))
