fix: remove lowercase http_proxy to prevent HTTP forward-proxy bypass

Mossaka · claude · Mossaka · commit 10c59d34e310 · 2026-03-12T18:53:24.000Z
Some curl builds (Ubuntu 22.04) ignore uppercase HTTP_PROXY for HTTP
URLs as an httpoxy mitigation. This means HTTP traffic correctly falls
through to iptables DNAT interception where Squid blocks at the
connection level. Setting lowercase http_proxy causes curl to use the
forward proxy, where Squid's 403 error page returns exit code 0 —
breaking security expectations.

Only https_proxy (lowercase) is needed for Yarn 4/undici/Corepack
compatibility since these tools connect to registries via HTTPS.

Co-Authored-By: Claude Opus 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/src/docker-manager.test.ts b/src/docker-manager.test.ts
@@ -490,20 +490,20 @@ describe('docker-manager', () => {
 
       expect(env.HTTP_PROXY).toBe('http://172.30.0.10:3128');
       expect(env.HTTPS_PROXY).toBe('http://172.30.0.10:3128');
-      expect(env.http_proxy).toBe('http://172.30.0.10:3128');
       expect(env.https_proxy).toBe('http://172.30.0.10:3128');
       expect(env.SQUID_PROXY_HOST).toBe('squid-proxy');
       expect(env.SQUID_PROXY_PORT).toBe('3128');
     });
 
-    it('should set lowercase proxy env vars for Yarn 4 and Corepack compatibility', () => {
+    it('should set lowercase https_proxy for Yarn 4 and Corepack compatibility', () => {
       const result = generateDockerCompose(mockConfig, mockNetworkConfig);
       const agent = result.services.agent;
       const env = agent.environment as Record<string, string>;
 
       // Yarn 4 (undici), Corepack, and some Node.js HTTP clients only check lowercase
-      expect(env.http_proxy).toBe(env.HTTP_PROXY);
       expect(env.https_proxy).toBe(env.HTTPS_PROXY);
+      // http_proxy is intentionally NOT set - see comment in docker-manager.ts
+      expect(env.http_proxy).toBeUndefined();
     });
 
     it('should set NODE_EXTRA_CA_CERTS when SSL Bump is enabled', () => {
diff --git a/src/docker-manager.ts b/src/docker-manager.ts
@@ -343,8 +343,12 @@ export function generateDockerCompose(
   const environment: Record<string, string> = {
     HTTP_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
     HTTPS_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
-    // Lowercase variants for tools that only check lowercase (e.g., Yarn 4/undici, Corepack)
-    http_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
+    // Lowercase https_proxy for tools that only check lowercase (e.g., Yarn 4/undici, Corepack).
+    // NOTE: We intentionally do NOT set lowercase http_proxy. Some curl builds (Ubuntu 22.04)
+    // ignore uppercase HTTP_PROXY for HTTP URLs (httpoxy mitigation), which means HTTP traffic
+    // falls through to iptables DNAT interception — the correct behavior for connection-level
+    // blocking. Setting http_proxy would route HTTP through the forward proxy where Squid's
+    // 403 error page returns exit code 0, breaking security expectations.
     https_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
     SQUID_PROXY_HOST: 'squid-proxy',
     SQUID_PROXY_PORT: SQUID_PORT.toString(),
@@ -1022,7 +1026,6 @@ export function generateDockerCompose(
         // Route through Squid to respect domain whitelisting
         HTTP_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
         HTTPS_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
-        http_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
         https_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
         // Prevent curl health check from routing localhost through Squid
         NO_PROXY: `localhost,127.0.0.1,::1`,
