fix: skip http proxy added header

[jozefrebjak]

Description

This pull request addresses the HTTP proxy problem by adding a new conditional statement to the code. Specifically, the code checks if the output string begins with HTTP/1.1 200 Connection established.

For example, when the output string contains the following header:

HTTP/1.1 200 Connection established
Proxy-Agent: Fortinet-Proxy/1.0

If it does, then the code uses substr function to remove the initial part of the string up to the specified $breakString, which helps in handling the HTTP proxy issue. The added code segment is as follows:

if (strpos($output, 'HTTP/1.1 200 Connection established') === 0) {
    $output = substr($output, strpos($output, $breakString) + 4);
}

This change ensures that the HTTP proxy connection is handled properly and the code runs smoothly without any errors.

Checklist:

• Securely signed commits
• Component(s) with PHPDoc blocks, only if necessary or adds value
• Unit testing, with >80% coverage
• User guide updated
• Conforms to style guide

[kenjis]

What is the HTTP proxy problem?
How do we reproduce the error?

[jozefrebjak]

What is the HTTP proxy problem?
How do we reproduce the error?

@kenjis I added also test for it but I have precommit problem with memory, basically it's a problem in one of our deployment where Linux machine is communicating with internet via HTTP Proxy. In this enviroment it's Fortinet HTTP Proxy. Our setup is as follow we have Red Hat Enterprise with Docker. CodeIgniter4 docker image is running on Alpine OS. We have configured http_proxy and https_proxy for that, then is everything working we can use Publisher to getaAssets from CDN, in this case jsdelivr. When publisher is doing his job we have an issue where Fortinet adds to the curl output two more rows with break like:

HTTP/1.1 200 Connection established
Proxy-Agent: Fortinet-Proxy/1.0

HTTP/2 200
date: Mon, 26 Jun 2023 07:44:50 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.14.3
x-jsd-version-type: version
etag: W/"23529-0Aplim6MlPCHdtldoUGfLqonpGQ"
x-served-by: cache-fra-eddf8230023-FRA, cache-jnb7021-JNB
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2190
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zBXBy6F9ytYZdUmO4cw7tBl%2Fys3wmyumlUD0Ht%2FdIa%2FXr4NjHNOxniwgYTjn4iPV2%2FsqdcQKwIEdNCQ5lgMQU8eGVeJsa2%2F%2BTyyWnSiT4Akd7EhFXaPIRHLoiiVqZYmgAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7dd3d3c99b6c27c0-PRG

.swagger-ui{color:#3b4151;font-family:sans-serif/*! normalize.css v7.0.0

and after that body includes

date: Mon, 26 Jun 2023 07:44:50 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.14.3
x-jsd-version-type: version
etag: W/"23529-0Aplim6MlPCHdtldoUGfLqonpGQ"
x-served-by: cache-fra-eddf8230023-FRA, cache-jnb7021-JNB
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2190
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zBXBy6F9ytYZdUmO4cw7tBl%2Fys3wmyumlUD0Ht%2FdIa%2FXr4NjHNOxniwgYTjn4iPV2%2FsqdcQKwIEdNCQ5lgMQU8eGVeJsa2%2F%2BTyyWnSiT4Akd7EhFXaPIRHLoiiVqZYmgAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7dd3d3c99b6c27c0-PRG

in assets, I believe this is the fastest way how to fix it, there is already continued header skiped.

[kenjis]

It may be "Connection Established".

Is it always "HTTP/1.1" ?

[jozefrebjak]

@kenjis You are right, I'm studying now whole concept behind this and it seems that there should be different headers.

The original tunnelling spec required the proxy to return a 200 Connection Established to the client once it had successfully connected to the server, which is what we're seeing. This is potentially followed by more headers, and then an empty line, before the connection becomes transparent and we get the actual response from the server. So, we get two sets of headers. RFC 2817 relaxes this, and allows any 2xx response to a CONNECT request.

Some very late clarification. When you connect to an SSL/TLS server through a proxy, the proxy establishes a tunnel, using HTTP CONNECT. This is covered in RFC2817 and the expired tunneling spec, and not RFC261.

When making an https request through a proxy, a CONNECT request is of
course made to the proxy before the SSL connection can be made with the
remote server.

Currently, the proxy's response to the CONNECT is written to the libcurl
callback function like the rest of the response, such that it appears
before the remote server's response headers. So, for instance, to my
client code, the response looks like this:

HTTP/1.1 200 Connection established <-- proxy's response 
Proxy-Agent: Fortinet-Proxy/1.0

HTTP/2 200 <-- remote server's response 
date: Mon, 26 Jun 2023 07:44:50 GMT 
etc 

some proxies are rather minimalist and only give:

HTTP/1.0 200 <-- proxy's response 

HTTP/1.0 200 OK <-- remote server's response 
Date: Tue, 04 Oct 2005 20:17:22 GMT 
etc 

The best method I have thought of for detecting whether the response
contains a header like this (with a proxy's CONNECT response first) is
to set a header callback and see if I get an empty header line in the
middle of the headers. I haven't actually tested this solution yet.

[kenjis]

On develop.

Start Squid proxy server.

$ docker run --restart always --name proxy-squid -d -p 3128:3128 minimum2scp/squid

Controller:

        $client = \Config\Services::curlrequest();

        $response = $client->request(
            'GET',
            'https://forum.codeigniter.com/syndication.php?limit=1',
            []
        );

        dd($response);

Response body without Proxy:

<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/">
	<channel>
		<title><![CDATA[CodeIgniter Forums - All Forums]]></title>
		<link>https://forum.codeigniter.com/</link>
		<description><![CDATA[CodeIgniter Forums - https://forum.codeigniter.com]]></description>
		<pubDate>Tue, 27 Jun 2023 11:57:49 +0000</pubDate>
		<generator>MyBB</generator>
		<item>
			<title><![CDATA[How can Code Igniter 4.3 handle user-specific templates?]]></title>
			<link>https://forum.codeigniter.com/showthread.php?tid=87957</link>
			<pubDate>Tue, 27 Jun 2023 11:55:19 +0000</pubDate>
			<dc:creator><![CDATA[<a href="https://forum.codeigniter.com/member.php?action=profile&uid=71285">LeahaTaul</a>]]></dc:creator>
			<guid isPermaLink="false">https://forum.codeigniter.com/showthread.php?tid=87957</guid>
			<description><![CDATA[In my system, I have three users, each with their own unique template layout separate from the main website. The user information is stored in a table, including a template ID. After a user logs in, I would like to redirect them to the appropriate template based on their template ID. Each template has a completely different layout.<br />
<br />
I had successfully implemented this functionality in the previous version of the website, which did not use the MVC (Model-View-Controller) architecture. However, as I am migrating everything to Code Igniter 4.3, I am seeking assistance on how to achieve the same functionality in the new framework.<br />
<br />
Thank you for your help in advance!]]></description>
			<content:encoded><![CDATA[In my system, I have three users, each with their own unique template layout separate from the main website. The user information is stored in a table, including a template ID. After a user logs in, I would like to redirect them to the appropriate template based on their template ID. Each template has a completely different layout.<br />
<br />
I had successfully implemented this functionality in the previous version of the website, which did not use the MVC (Model-View-Controller) architecture. However, as I am migrating everything to Code Igniter 4.3, I am seeking assistance on how to achieve the same functionality in the new framework.<br />
<br />
Thank you for your help in advance!]]></content:encoded>
		</item>
	</channel>
</rss>

Start spark serve with Proxy environment variables.

$ export HTTP_PROXY=http://localhost:3128
$ export HTTPS_PROXY=http://localhost:3128
$ php spark serve

Response body with Proxy:

HTTP/2 200 
date: Tue, 27 Jun 2023 11:57:32 GMT
content-type: text/xml; charset="UTF-8"
set-cookie: mybb[lastvisit]=1687867052; expires=Wed, 26-Jun-2024 11:57:32 GMT; path=/; domain=.forum.codeigniter.com
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
set-cookie: mybb[lastactive]=1687867052; expires=Wed, 26-Jun-2024 11:57:32 GMT; path=/; domain=.forum.codeigniter.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zi6dfcKgQ2TaPxWYMLdJlRk456lIlsEvDnaYzEU%2BWwCcrhgE90ACEytEC0Tnmdx9m7QieovI8gZsyMdXNTZpOszJg4JB7ahJKJgdmYcibbUYY%2Fu7KB1BdsbkWXOvVrvgqdDC0hTInMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ddd835479e4af6a-NRT
alt-svc: h3=":443"; ma=86400

<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/">
	<channel>
		<title><![CDATA[CodeIgniter Forums - All Forums]]></title>
		<link>https://forum.codeigniter.com/</link>
		<description><![CDATA[CodeIgniter Forums - https://forum.codeigniter.com]]></description>
		<pubDate>Tue, 27 Jun 2023 11:57:32 +0000</pubDate>
		<generator>MyBB</generator>
		<item>
			<title><![CDATA[How can Code Igniter 4.3 handle user-specific templates?]]></title>
			<link>https://forum.codeigniter.com/showthread.php?tid=87957</link>
			<pubDate>Tue, 27 Jun 2023 11:55:19 +0000</pubDate>
			<dc:creator><![CDATA[<a href="https://forum.codeigniter.com/member.php?action=profile&uid=71285">LeahaTaul</a>]]></dc:creator>
			<guid isPermaLink="false">https://forum.codeigniter.com/showthread.php?tid=87957</guid>
			<description><![CDATA[In my system, I have three users, each with their own unique template layout separate from the main website. The user information is stored in a table, including a template ID. After a user logs in, I would like to redirect them to the appropriate template based on their template ID. Each template has a completely different layout.<br />
<br />
I had successfully implemented this functionality in the previous version of the website, which did not use the MVC (Model-View-Controller) architecture. However, as I am migrating everything to Code Igniter 4.3, I am seeking assistance on how to achieve the same functionality in the new framework.<br />
<br />
Thank you for your help in advance!]]></description>
			<content:encoded><![CDATA[In my system, I have three users, each with their own unique template layout separate from the main website. The user information is stored in a table, including a template ID. After a user logs in, I would like to redirect them to the appropriate template based on their template ID. Each template has a completely different layout.<br />
<br />
I had successfully implemented this functionality in the previous version of the website, which did not use the MVC (Model-View-Controller) architecture. However, as I am migrating everything to Code Igniter 4.3, I am seeking assistance on how to achieve the same functionality in the new framework.<br />
<br />
Thank you for your help in advance!]]></content:encoded>
		</item>
	</channel>
</rss>

[kenjis]

The original $output (return of $this->sendRequest($curlOptions)) with Squid proxy is the following.
So this PR works fine with Squid.

HTTP/1.1 200 Connection established

HTTP/2 200 
date: Tue, 27 Jun 2023 12:11:39 GMT
content-type: text/xml; charset="UTF-8"
set-cookie: mybb[lastvisit]=1687867899; expires=Wed, 26-Jun-2024 12:11:39 GMT; path=/; domain=.forum.codeigniter.com
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
set-cookie: mybb[lastactive]=1687867899; expires=Wed, 26-Jun-2024 12:11:39 GMT; path=/; domain=.forum.codeigniter.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlMVWg6WOtjQiOrlJlvqL3rhzz0efiOCjxNYa9BtMDAEeJp6jqkociSFw0NXxq70U%2FHgN9sSvBVCQt4J6K6y%2BoODziO3v7GQY6WUDl3ioe2hXperp9q5Y5IxaftHb1JJtMF6CNLDyfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ddd9804f9d4afe1-NRT
alt-svc: h3=":443"; ma=86400

<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/">
	<channel>
		<title><![CDATA[CodeIgniter Forums - All Forums]]></title>
		<link>https://forum.codeigniter.com/</link>
		<description><![CDATA[CodeIgniter Forums - https://forum.codeigniter.com]]></description>
		<pubDate>Tue, 27 Jun 2023 12:11:39 +0000</pubDate>
		<generator>MyBB</generator>
		<item>
			<title><![CDATA[How can Code Igniter 4.3 handle user-specific templates?]]></title>
			<link>https://forum.codeigniter.com/showthread.php?tid=87957</link>
			<pubDate>Tue, 27 Jun 2023 11:55:19 +0000</pubDate>
			<dc:creator><![CDATA[<a href="https://forum.codeigniter.com/member.php?action=profile&uid=71285">LeahaTaul</a>]]></dc:creator>
			<guid isPermaLink="false">https://forum.codeigniter.com/showthread.php?tid=87957</guid>
			<description><![CDATA[In my system, I have three users, each with their own unique template layout separate from the main website. The user information is stored in a table, including a template ID. After a user logs in, I would like to redirect them to the appropriate template based on their template ID. Each template has a completely different layout.<br />
<br />
I had successfully implemented this functionality in the previous version of the website, which did not use the MVC (Model-View-Controller) architecture. However, as I am migrating everything to Code Igniter 4.3, I am seeking assistance on how to achieve the same functionality in the new framework.<br />
<br />
Thank you for your help in advance!]]></description>
			<content:encoded><![CDATA[In my system, I have three users, each with their own unique template layout separate from the main website. The user information is stored in a table, including a template ID. After a user logs in, I would like to redirect them to the appropriate template based on their template ID. Each template has a completely different layout.<br />
<br />
I had successfully implemented this functionality in the previous version of the website, which did not use the MVC (Model-View-Controller) architecture. However, as I am migrating everything to Code Igniter 4.3, I am seeking assistance on how to achieve the same functionality in the new framework.<br />
<br />
Thank you for your help in advance!]]></content:encoded>
		</item>
	</channel>
</rss>

[jozefrebjak]

The original $output (return of $this->sendRequest($curlOptions)) with Squid proxy is the following. So this PR works fine with Squid.

HTTP/1.1 200 Connection established

HTTP/2 200 
date: Tue, 27 Jun 2023 12:11:39 GMT
content-type: text/xml; charset="UTF-8"
set-cookie: mybb[lastvisit]=1687867899; expires=Wed, 26-Jun-2024 12:11:39 GMT; path=/; domain=.forum.codeigniter.com
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
set-cookie: mybb[lastactive]=1687867899; expires=Wed, 26-Jun-2024 12:11:39 GMT; path=/; domain=.forum.codeigniter.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlMVWg6WOtjQiOrlJlvqL3rhzz0efiOCjxNYa9BtMDAEeJp6jqkociSFw0NXxq70U%2FHgN9sSvBVCQt4J6K6y%2BoODziO3v7GQY6WUDl3ioe2hXperp9q5Y5IxaftHb1JJtMF6CNLDyfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ddd9804f9d4afe1-NRT
alt-svc: h3=":443"; ma=86400

<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/">
	<channel>
		<title><![CDATA[CodeIgniter Forums - All Forums]]></title>
		<link>https://forum.codeigniter.com/</link>
		<description><![CDATA[CodeIgniter Forums - https://forum.codeigniter.com]]></description>
		<pubDate>Tue, 27 Jun 2023 12:11:39 +0000</pubDate>
		<generator>MyBB</generator>
		<item>
			<title><![CDATA[How can Code Igniter 4.3 handle user-specific templates?]]></title>
			<link>https://forum.codeigniter.com/showthread.php?tid=87957</link>
			<pubDate>Tue, 27 Jun 2023 11:55:19 +0000</pubDate>
			<dc:creator><![CDATA[<a href="https://forum.codeigniter.com/member.php?action=profile&uid=71285">LeahaTaul</a>]]></dc:creator>
			<guid isPermaLink="false">https://forum.codeigniter.com/showthread.php?tid=87957</guid>
			<description><![CDATA[In my system, I have three users, each with their own unique template layout separate from the main website. The user information is stored in a table, including a template ID. After a user logs in, I would like to redirect them to the appropriate template based on their template ID. Each template has a completely different layout.<br />
<br />
I had successfully implemented this functionality in the previous version of the website, which did not use the MVC (Model-View-Controller) architecture. However, as I am migrating everything to Code Igniter 4.3, I am seeking assistance on how to achieve the same functionality in the new framework.<br />
<br />
Thank you for your help in advance!]]></description>
			<content:encoded><![CDATA[In my system, I have three users, each with their own unique template layout separate from the main website. The user information is stored in a table, including a template ID. After a user logs in, I would like to redirect them to the appropriate template based on their template ID. Each template has a completely different layout.<br />
<br />
I had successfully implemented this functionality in the previous version of the website, which did not use the MVC (Model-View-Controller) architecture. However, as I am migrating everything to Code Igniter 4.3, I am seeking assistance on how to achieve the same functionality in the new framework.<br />
<br />
Thank you for your help in advance!]]></content:encoded>
		</item>
	</channel>
</rss>

I believe everything else than HTTP/1.1 200 Connection established can come from legacy HTTP Proxy servers and this PR will solve issue.

[kenjis]

I implemented a request option proxy in CURLRequest. See #7632

        $client = \Config\Services::curlrequest();
        $response = $client->request(
            'GET',
            'https://forum.codeigniter.com/syndication.php?limit=1',
            [
                'proxy' => 'http://localhost:3128',
            ]
        );
        dd($response);

And the response body is the same as before this PR.

HTTP/2 200 
date: Tue, 27 Jun 2023 23:55:42 GMT
content-type: text/xml; charset="UTF-8"
set-cookie: mybb[lastvisit]=1687910142; expires=Wed, 26-Jun-2024 23:55:42 GMT; path=/; domain=.forum.codeigniter.com
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
set-cookie: mybb[lastactive]=1687910142; expires=Wed, 26-Jun-2024 23:55:42 GMT; path=/; domain=.forum.codeigniter.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsGdgdz7kzjoAfACmq2423zMwzthvKkiI9KZ2cNHXyBWrp6zvaAgpdeaMiPCRto7ZELHULCxdcgg1t%2Fmvjv5eoMeclphw%2F9PpMV5z9Z3KMjEBC2GKtoMNLXhymasiuIYMuBtKDM1074%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7de19f5548512614-NRT
alt-svc: h3=":443"; ma=86400

<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/">
	<channel>
		<title><![CDATA[CodeIgniter Forums - All Forums]]></title>
		<link>https://forum.codeigniter.com/</link>
		<description><![CDATA[CodeIgniter Forums - https://forum.codeigniter.com]]></description>
		<pubDate>Tue, 27 Jun 2023 23:55:42 +0000</pubDate>
		<generator>MyBB</generator>
		<item>
			<title><![CDATA[custom cache direectory per controller?]]></title>
			<link>https://forum.codeigniter.com/showthread.php?tid=87959</link>
			<pubDate>Tue, 27 Jun 2023 17:16:11 +0000</pubDate>
			<dc:creator><![CDATA[<a href="https://forum.codeigniter.com/member.php?action=profile&uid=22858">mymisty</a>]]></dc:creator>
			<guid isPermaLink="false">https://forum.codeigniter.com/showthread.php?tid=87959</guid>
			<description><![CDATA[I am trying to find a way on caching into a specific directory withing the cache directory per controller. Currently there are thousands of cache files in the cache directory for all of my controllers, is there a way of specifying a directory on a per controller basis?]]></description>
			<content:encoded><![CDATA[I am trying to find a way on caching into a specific directory withing the cache directory per controller. Currently there are thousands of cache files in the cache directory for all of my controllers, is there a way of specifying a directory on a per controller basis?]]></content:encoded>
		</item>
	</channel>
</rss>

[kenjis]

This is not perfect, but works for now.

[kenjis]

@jozefrebjak Thank you!