vitejs · sapphi-red · Nov 18, 2025 · Nov 26, 2025
diff --git a/patches/http-proxy-3.patch b/patches/http-proxy-3.patch
@@ -0,0 +1,107 @@
+diff --git a/dist/lib/http-proxy/common.js b/dist/lib/http-proxy/common.js
+index 790db7c0e626d09008da822ba93b2c6c81e08c35..82b37f54e71aaf6ad4cb17f8963f469569586a09 100644
+--- a/dist/lib/http-proxy/common.js
++++ b/dist/lib/http-proxy/common.js
+@@ -31,11 +31,11 @@ const HTTP2_HEADER_BLACKLIST = [
+ // Returns Object with all required properties outgoing options.
+ function setupOutgoing(
+ // Base object to be filled with required properties
+-outgoing, 
++outgoing,
+ // Config object passed to the proxy
+-options, 
++options,
+ // Request Object
+-req, 
++req,
+ // String to select forward or target
+ forward) {
+     // the final path is target path + relative path requested by user:
+@@ -59,6 +59,9 @@ forward) {
+     }
+     outgoing.method = options.method || req.method;
+     outgoing.headers = { ...req.headers };
++    if (req.headers[":authority"]) {
++        outgoing.headers.host = req.headers[":authority"];
++    }
+     if (options.headers) {
+         outgoing.headers = { ...outgoing.headers, ...options.headers };
+     }
+@@ -131,7 +134,8 @@ function setupSocket(socket) {
+ function getPort(
+ // Incoming HTTP request.
+ req) {
+-    const res = req.headers.host ? req.headers.host.match(/:(\d+)/) : "";
++    const hostHeader = req.headers[":authority"] || req.headers.host;
++    const res = hostHeader ? hostHeader.match(/:(\d+)/) : "";
+     return res ? res[1] : hasEncryptedConnection(req) ? "443" : "80";
+ }
+ // Check if the request has an encrypted connection.
+@@ -190,7 +194,7 @@ function urlJoin(...args) {
+     // on every request
+     return queryParamRaw ? retSegs + "?" + queryParamRaw : retSegs;
+ }
+-function rewriteCookieProperty(header, 
++function rewriteCookieProperty(header,
+ // config = mapping of domain to rewritten domain.
+ //         '*' key to match any domain, null value to remove the domain.
+ config, property) {
+diff --git a/dist/lib/http-proxy/passes/web-incoming.js b/dist/lib/http-proxy/passes/web-incoming.js
+index 2e18d18996062c1dddedc1ca7f9156005de52319..d6f4d3c45b8db80c804e3fea4eee302eb82f824c 100644
+--- a/dist/lib/http-proxy/passes/web-incoming.js
++++ b/dist/lib/http-proxy/passes/web-incoming.js
+@@ -85,7 +85,7 @@ function XHeaders(req, _res, options) {
+                 values[header];
+     }
+     req.headers["x-forwarded-host"] =
+-        req.headers["x-forwarded-host"] || req.headers["host"] || "";
++        req.headers["x-forwarded-host"] || req.headers[":authority"] || req.headers["host"] || "";
+ }
+ // Does the actual proxying. If `forward` is enabled fires up
+ // a ForwardStream (there is NO RESPONSE), same happens for ProxyStream. The request
+diff --git a/dist/lib/http-proxy/passes/web-outgoing.js b/dist/lib/http-proxy/passes/web-outgoing.js
+index b61fbd85455d1ac245146f5dc8818d982fbd0bab..f6edd2e81497ef84eb66abad144e53b0057bbcd8 100644
+--- a/dist/lib/http-proxy/passes/web-outgoing.js
++++ b/dist/lib/http-proxy/passes/web-outgoing.js
+@@ -53,7 +53,7 @@ const common = __importStar(require("../common"));
+ const redirectRegex = /^201|30(1|2|7|8)$/;
+ // <--
+ // If is a HTTP 1.0 request, remove chunk headers
+-function removeChunked(_req, _res, 
++function removeChunked(_req, _res,
+ // Response object from the proxy request
+ proxyRes) {
+     // transfer-encoding is hop-by-hop, don't preserve it across proxy hops
+@@ -61,7 +61,7 @@ proxyRes) {
+ }
+ // If is a HTTP 1.0 request, set the correct connection header
+ // or if connection header not present, then use `keep-alive`
+-function setConnection(req, _res, 
++function setConnection(req, _res,
+ // Response object from the proxy request
+ proxyRes) {
+     if (req.httpVersion === "1.0") {
+@@ -89,7 +89,7 @@ function setRedirectHostRewrite(req, _res, proxyRes, options) {
+             u.host = options.hostRewrite;
+         }
+         else if (options.autoRewrite) {
+-            u.host = req.headers["host"] ?? "";
++            u.host = req.headers[":authority"] ?? req.headers["host"] ?? "";
+         }
+         if (options.protocolRewrite) {
+             u.protocol = options.protocolRewrite;
+@@ -98,11 +98,11 @@ function setRedirectHostRewrite(req, _res, proxyRes, options) {
+     }
+ }
+ // Copy headers from proxyRes to res.
+-function writeHeaders(_req, 
++function writeHeaders(_req,
+ // Response to set headers in
+-res, 
++res,
+ // Response object from the proxy request
+-proxyRes, 
++proxyRes,
+ // options.cookieDomainRewrite: Config to rewrite cookie domain
+ options) {
+     const rewriteCookieDomainConfig = typeof options.cookieDomainRewrite === "string"
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml
@@ -19,6 +19,7 @@ patchedDependencies:
   "[email protected]": "patches/[email protected]"
   "[email protected]": "patches/[email protected]"
   "[email protected]": "patches/[email protected]"
+  "http-proxy-3": patches/http-proxy-3.patch
 peerDependencyRules:
   allowedVersions:
     vite: "*"