clarify comments and direct all proxy usage to the custom dialer

peterguy · peterguy · commit 66db8f3d5882 · 2026-03-10T21:40:41.000-07:00
diff --git a/internal/api/api.go b/internal/api/api.go
@@ -100,12 +100,12 @@ func buildTransport(opts ClientOpts, flags *Flags) http.RoundTripper {
 		transport.TLSClientConfig = &tls.Config{}
 	}
 
-	if opts.ProxyPath != "" || (opts.ProxyURL != nil && opts.ProxyURL.Scheme == "https") {
-		// Use our custom dialer for:
-		// - unix socket proxies
-		// - TLS=enabled proxies, to force HTTP/1.1 for the CONNECT tunnel.
-		//   Many TLS-enabled proxy servers don't support HTTP/2 CONNECT,
-		//   which Go may negotiate via ALPN, resulting in connection errors.
+	if opts.ProxyPath != "" || opts.ProxyURL != nil {
+		// Use our custom dialer for proxied connections.
+		// A custom dialer is not always needed - the connection libraries will handle HTTP(S)_PROXY-defined proxies
+		// (Go supports http, https, socks5, and socks5h proxies via HTTP(S)_PROXY),
+		// but we're also supporting proxies defined via SRC_PROXY, which can include UDS proxies,
+		// and connecting to TLS-enabled proxies adds an additional wrinkle when using HTTP/2.
 		transport = withProxyTransport(transport, opts.ProxyURL, opts.ProxyPath)
 	}
 
diff --git a/internal/api/proxy.go b/internal/api/proxy.go
@@ -82,10 +82,10 @@ func withProxyTransport(baseTransport *http.Transport, proxyURL *url.URL, proxyP
 		baseTransport.Proxy = nil
 	} else if proxyURL != nil {
 		switch proxyURL.Scheme {
-		case "socks5", "socks5h":
-			// SOCKS proxies work out of the box - no need to manually dial
+		case "http", "socks5", "socks5h":
+			// HTTP and SOCKS proxies work out of the box - no need to manually dial
 			baseTransport.Proxy = http.ProxyURL(proxyURL)
-		case "http", "https":
+		case "https":
 			dial := func(ctx context.Context, network, addr string) (net.Conn, error) {
 				// Dial the proxy. For https:// proxies, we TLS-connect to the
 				// proxy itself and force ALPN to HTTP/1.1 to prevent Go from
@@ -166,7 +166,7 @@ func withProxyTransport(baseTransport *http.Transport, proxyURL *url.URL, proxyP
 			}
 			baseTransport.DialContext = dial
 			baseTransport.DialTLSContext = dialTLS
-			// clear out any system proxy settings
+			// clear out the system proxy because we're defining our own dialers
 			baseTransport.Proxy = nil
 		}
 	}
