Missing Proxy-Authorization header when using HTTPS proxy with HTTP target URLs

[bliuchak]

Version: 0.7.1 (impit-node)

When using an HTTPS proxy to fetch HTTP targets, Impit does NOT send the Proxy-Authorization header, resulting in 407 errors.

Similarly to #324 this sounds like inner bug of reqwest library.

Expected

Proxy-Authorization: Basic dXNlcjpwYXNz header should be sent.

Actual

Header is missing; proxy returns 407.

Example

const { Impit } = require('impit');
const https = require('node:https');
const fs = require('node:fs');

process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';

async function main() {
    let authHeaderReceived = false;

    // HTTPS proxy that checks for Proxy-Authorization
    const proxy = https.createServer({
        key: fs.readFileSync('ssl.key'),
        cert: fs.readFileSync('ssl.crt'),
    }, (req, res) => {
        authHeaderReceived = !!req.headers['proxy-authorization'];
        console.log('Auth header:', authHeaderReceived ? 'present' : 'MISSING');

        if (!authHeaderReceived) {
            res.writeHead(407);
            return res.end();
        }
        res.writeHead(200);
        res.end('OK');
    });

    await new Promise((r) => proxy.listen(0, '127.0.0.1', r));
    const { port } = proxy.address();

    const impit = new Impit({
        proxyUrl: `https://user:pass@127.0.0.1:${port}`,
        ignoreTlsErrors: true,
    });

    try {
        const res = await impit.fetch('http://httpbin.org/get');
        console.log('Status:', res.status);
    } catch (e) {
        console.log('Error:', e.message);
    }

    console.log('Auth header was sent:', authHeaderReceived); // Expected: true, Actual: false

    proxy.close();
}

main();

// Output:
// Auth header: MISSING
// Status: 407
// Auth header was sent: false

Note

This only affects HTTPS proxy -> HTTP target. HTTPS proxy -> HTTPS target (via CONNECT) works correctly.