From 05354ba2f0be2f1eb1e4ac5ae37f418a2d67262a Mon Sep 17 00:00:00 2001 From: Sander Declerck Date: Wed, 15 Oct 2025 11:56:03 +0200 Subject: [PATCH] Add some more comments on why http / https is handled in different code paths --- packages/safe-chain/src/registryProxy/plainHttpProxy.js | 3 +++ packages/safe-chain/src/registryProxy/registryProxy.js | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/packages/safe-chain/src/registryProxy/plainHttpProxy.js b/packages/safe-chain/src/registryProxy/plainHttpProxy.js index 29b7fe1..e337b44 100644 --- a/packages/safe-chain/src/registryProxy/plainHttpProxy.js +++ b/packages/safe-chain/src/registryProxy/plainHttpProxy.js @@ -4,6 +4,9 @@ import * as https from "https"; export function handleHttpProxyRequest(req, res) { const url = new URL(req.url); + // The protocol for the plainHttpProxy should usually only be http: + // but when the client for some reason sends an https: request directly + // instead of using the CONNECT method, we should handle it gracefully. let protocol; if (url.protocol === "http:") { protocol = http; diff --git a/packages/safe-chain/src/registryProxy/registryProxy.js b/packages/safe-chain/src/registryProxy/registryProxy.js index d548999..b0e8dd1 100644 --- a/packages/safe-chain/src/registryProxy/registryProxy.js +++ b/packages/safe-chain/src/registryProxy/registryProxy.js @@ -55,7 +55,10 @@ export function mergeSafeChainProxyEnvironmentVariables(env) { function createProxyServer() { const server = http.createServer( - handleHttpProxyRequest // This handles plain HTTP requests + // This handles direct HTTP requests (non-CONNECT requests) + // This is normally http-only traffic, but we also handle + // https for clients that don't properly use CONNECT + handleHttpProxyRequest ); // This handles HTTPS requests via the CONNECT method