Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TypeError: Protocol "http:" not supported. Expected "https:" #2348

Closed
AmazingTurtle opened this issue Apr 2, 2025 · 2 comments · Fixed by #2351
Closed

TypeError: Protocol "http:" not supported. Expected "https:" #2348

AmazingTurtle opened this issue Apr 2, 2025 · 2 comments · Fixed by #2351

Comments

@AmazingTurtle
Copy link

So yeah I spent like 2 hours deep dive debugging into this only to discover a bug.

javascript/src/config.ts

Lines 527 to 551 in 3283cb1

private createAgent(
cluster: Cluster | null,
agentOptions: https.AgentOptions,
): https.Agent | SocksProxyAgent | HttpProxyAgent | HttpsProxyAgent {
let agent: https.Agent | SocksProxyAgent | HttpProxyAgent | HttpsProxyAgent;
if (cluster && cluster.proxyUrl) {
if (cluster.proxyUrl.startsWith('socks')) {
agent = new SocksProxyAgent(cluster.proxyUrl, agentOptions);
} else if (cluster.server.startsWith('https')) {
const httpsProxyAgentOptions: HttpsProxyAgentOptions = agentOptions as HttpsProxyAgentOptions;
httpsProxyAgentOptions.proxy = cluster.proxyUrl;
agent = new HttpsProxyAgent(httpsProxyAgentOptions);
} else if (cluster.server.startsWith('http')) {
const httpProxyAgentOptions: HttpProxyAgentOptions = agentOptions as HttpProxyAgentOptions;
httpProxyAgentOptions.proxy = cluster.proxyUrl;
agent = new HttpProxyAgent(httpProxyAgentOptions);
} else {
throw new Error('Unsupported proxy type');
}
} else {
agent = new https.Agent(agentOptions);
}
return agent;
}

more specifically

javascript/src/config.ts

Lines 533 to 536 in 3283cb1

if (cluster && cluster.proxyUrl) {
if (cluster.proxyUrl.startsWith('socks')) {
agent = new SocksProxyAgent(cluster.proxyUrl, agentOptions);
} else if (cluster.server.startsWith('https')) {

if no proxyUrl is set, then the default will be an HTTPS agent, which does not work with kubectl proxy environments.
@mstruebing mstruebing mentioned this issue Apr 3, 2025
Merged
@mstruebing
Copy link
Member

mstruebing commented Apr 3, 2025
edited
Loading

I've created a PR for this.
I did not test it though - would be nice if you could give it a try.

If an cluster.server is set with a prefix of http: I apply the http.Agent instead of the https.Agent.

If that does not fix your issue, could you give some guidance how to set up an environment like you have to be able to debug effectivly?

@brendandburns
Copy link
Contributor

You really shouldn't use http for this. If you connect over HTTP all of your data (and your tokens) will be sent in the clear to the proxy and be sniffable on anything in between.

At the very least I think we should also require that the tlsInsecureNoVerify flag is also set before we enable an HTTP connection.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: apply http agent if needed kubernetes-client/javascript
3 participants
@AmazingTurtle @brendandburns @mstruebing