Skip to content

https: fix readable listener leak during proxy CONNECT #62913

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
thisalihassan wants to merge 1 commit into
base: main
Choose a base branch
from
+98 −1
Open

https: fix readable listener leak during proxy CONNECT #62913

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion lib/https.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -221,7 +221,6 @@ function establishTunnel(agent, socket, options, tunnelConfig, afterSocket) {
break;
}
}
socket.on('readable', read);
}

function cleanup() {
Expand Down Expand Up @@ -315,6 +314,7 @@ function establishTunnel(agent, socket, options, tunnelConfig, afterSocket) {

socket.on('error', onProxyError);
socket.on('end', onProxyEnd);
socket.on('readable', read);
socket.write(proxyTunnelPayload);

read();
Expand Down
97 changes: 97 additions & 0 deletions test/client-proxy/test-https-proxy-request-slow-connect-response.mjs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,97 @@
// Regression test for https://github.com/nodejs/node/issues/62904.
// This test drives that scenario by writing the CONNECT response one byte at
// a time with a short delay between writes, and asserts that no warning is
// ever emitted while the full HTTPS response is received correctly.

import * as common from '../common/index.mjs';
import fixtures from '../common/fixtures.js';
import assert from 'node:assert';
import http from 'node:http';
import net from 'node:net';
import { once } from 'events';

if (!common.hasCrypto)
common.skip('missing crypto');

// https must be dynamically imported so that builds without crypto support
// can skip it.
const { default: https } = await import('node:https');

// Target HTTPS server the client ultimately wants to reach.
const server = https.createServer({
cert: fixtures.readKey('agent8-cert.pem'),
key: fixtures.readKey('agent8-key.pem'),
}, common.mustCall((req, res) => {
res.end('Hello world');
}));
server.on('error', common.mustNotCall((err) => { console.error('Server error', err); }));
server.listen(0);
await once(server, 'listening');

// Proxy server that writes the CONNECT response one byte at a time. Using the
// built-in HTTP server avoids having to parse the CONNECT request ourselves
// (which cannot rely on a single TCP chunk containing the whole request line).
const proxy = http.createServer();
Copy link
Copy Markdown
Member

@joyeecheung joyeecheung Apr 29, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you move the proxy to a separate process? I recall there can be problems otherwise if the environment contains proxy variables.

EDIT: looking at the patterns of other files I think it should be starting the request from a different process instead. Or at least avoid having the requester and the proxy in the same process.

proxy.on('connect', common.mustCall(async (req, res, head) => {
const { hostname, port } = new URL(`https://${req.url}`);
const normalizedHost = hostname.startsWith('[') && hostname.endsWith(']') ?
hostname.slice(1, -1) : hostname;

const upstream = net.connect(Number(port), normalizedHost);
upstream.on('error', () => res.destroy());
res.on('error', () => upstream.destroy());
await once(upstream, 'connect');

const response = 'HTTP/1.1 200 Connection Established\r\n' +
'Proxy-agent: Node.js-Proxy\r\n' +
'\r\n';
// Feed the response byte by byte with a macrotask boundary between writes
// so the client sees many separate 'readable' events during tunnel setup.
// This is what triggers the listener leak described in the issue.
for (let i = 0; i < response.length; i++) {
if (res.destroyed) {
upstream.destroy();
return;
}
res.write(response[i]);
await new Promise((resolve) => setImmediate(resolve));
}
if (head?.length) upstream.write(head);
res.pipe(upstream);
upstream.pipe(res);
}, 1));
proxy.on('error', common.mustNotCall((err) => { console.error('Proxy error', err); }));
proxy.listen(0);
await once(proxy, 'listening');

// No warning should be emitted during the proxied request. The pre-fix code
// emits MaxListenersExceededWarning; any other warning here would also be
// unexpected and should fail the test.
process.on('warning',
common.mustNotCall('unexpected warning during proxied request'));

const agent = new https.Agent({
proxyEnv: {
HTTPS_PROXY: `http://localhost:${proxy.address().port}`,
},
ca: fixtures.readKey('fake-startcom-root-cert.pem'),
});

const req = https.request({
hostname: 'localhost',
port: server.address().port,
path: '/test',
agent,
}, common.mustCall((res) => {
let data = '';
res.setEncoding('utf8');
res.on('data', (chunk) => { data += chunk; });
res.on('end', common.mustCall(() => {
assert.strictEqual(data, 'Hello world');
assert.strictEqual(res.statusCode, 200);
proxy.close();
server.close();
}));
}));
req.on('error', common.mustNotCall());
req.end();
Loading