use the parsed endpoint url and consolidate proxy handling because the proxy in the config is now the one gathered from either SRC_PROXY or the standard env variables

peterguy · peterguy · commit 94f58c8a345c · 2026-02-27T11:28:24.000-08:00
diff --git a/internal/api/api.go b/internal/api/api.go
@@ -71,7 +71,7 @@ type request struct {
 
 // ClientOpts encapsulates the options given to NewClient.
 type ClientOpts struct {
-	Endpoint          string
+	EndpointURL       *url.URL
 	AccessToken       string
 	AdditionalHeaders map[string]string
 
@@ -98,38 +98,20 @@ func buildTransport(opts ClientOpts, flags *Flags) *http.Transport {
 		transport.TLSClientConfig = &tls.Config{}
 	}
 
-	if opts.ProxyURL != nil || opts.ProxyPath != "" {
-		// Explicit SRC_PROXY configuration takes precedence.
+	if opts.ProxyPath != "" || (opts.ProxyURL != nil && opts.ProxyURL.Scheme == "https") {
+		// Use our custom dialer for:
+		// - unix socket proxies
+		// - TLS=enabled proxies, to force HTTP/1.1 for the CONNECT tunnel.
+		//   Many TLS-enabled proxy servers don't support HTTP/2 CONNECT,
+		//   which Go may negotiate via ALPN, resulting in connection errors.
 		transport = withProxyTransport(transport, opts.ProxyURL, opts.ProxyPath)
-	} else if proxyURL := envProxyURL(opts.Endpoint); proxyURL != nil && proxyURL.Scheme == "https" {
-		// For HTTPS proxies discovered via standard env vars, use our custom
-		// dialer to force HTTP/1.1 for the CONNECT tunnel. Many proxy servers
-		// don't support HTTP/2 CONNECT, which Go may negotiate via ALPN when
-		// TLS-connecting to an https:// proxy.
-		transport = withProxyTransport(transport, proxyURL, "")
 	}
-	// For http:// and socks5:// proxies from standard env vars, the cloned
+
+	// For http:// and socks5:// proxies, the cloned
 	// transport's default Proxy handles them correctly without intervention.
 	return transport
 }
 
-// envProxyURL resolves the proxy URL
-// from standard HTTP_PROXY/HTTPS_PROXY/NO_PROXY
-// environment variables for the given endpoint.
-// Returns nil if the endpoint is not a valid URL,
-// no proxy is configured, or the endpoint is excluded.
-func envProxyURL(endpoint string) *url.URL {
-	u, err := url.Parse(endpoint)
-	if err != nil || u.Scheme == "" || u.Host == "" {
-		return nil
-	}
-	proxyURL, err := http.ProxyFromEnvironment(&http.Request{URL: u})
-	if err != nil || proxyURL == nil {
-		return nil
-	}
-	return proxyURL
-}
-
 // NewClient creates a new API client.
 func NewClient(opts ClientOpts) Client {
 	if opts.Out == nil {
@@ -149,7 +131,7 @@ func NewClient(opts ClientOpts) Client {
 
 	return &client{
 		opts: ClientOpts{
-			Endpoint:          opts.Endpoint,
+			EndpointURL:       opts.EndpointURL,
 			AccessToken:       opts.AccessToken,
 			AdditionalHeaders: opts.AdditionalHeaders,
 			Flags:             flags,
@@ -184,7 +166,7 @@ func (c *client) NewHTTPRequest(ctx context.Context, method, p string, body io.R
 }
 
 func (c *client) createHTTPRequest(ctx context.Context, method, p string, body io.Reader) (*http.Request, error) {
-	req, err := http.NewRequestWithContext(ctx, method, strings.TrimRight(c.opts.Endpoint, "/")+"/"+p, body)
+	req, err := http.NewRequestWithContext(ctx, method, strings.TrimRight(c.opts.EndpointURL.String(), "/")+"/"+p, body)
 	if err != nil {
 		return nil, err
 	}
@@ -359,6 +341,6 @@ func (r *request) curlCmd() (string, error) {
 		s += fmt.Sprintf("   %s \\\n", shellquote.Join("-H", k+": "+v))
 	}
 	s += fmt.Sprintf("   %s \\\n", shellquote.Join("-d", string(data)))
-	s += fmt.Sprintf("   %s", shellquote.Join(r.client.opts.Endpoint+"/.api/graphql"))
+	s += fmt.Sprintf("   %s", shellquote.Join(r.client.opts.EndpointURL.String()+"/.api/graphql"))
 	return s, nil
 }
