From: feldhacker.chris@... Date: 2014-09-17T18:16:26+00:00 Subject: [ruby-core:65092] [ruby-trunk - Bug #10250] User-Agent HTTP header not being set on CONNECT requests Issue #10250 has been updated by Chris Feldhacker. In the (RFC2817, May.2000) doc you reference, section "5.2 Requesting a Tunnel with CONNECT" indicates that "Other HTTP mechanisms can be used normally with the CONNECT method..." and then goes on to provide an example where a "Proxy-Authorization" header is also sent to the proxy. Unfortunately, the doc doesn't seem to elaborate on what "other HTTP mechanisms" means, nor does it provide what other examples might be beyond the Proxy-Authorization header... It's hard to provide proxy server examples as many of the common enterprise-level "web gateways" are hidden behind support logins, but I did manage to find these: https://community.mcafee.com/docs/DOC-4804 https://www.bluecoat.com/security-blog/2014-04-29/protecting-your-organization%E2%80%99s-web-browsing-new-internet-explorer (BlueCoat, McAfee, Symantec, Trend Micro, etc -- a good list is available in this chart: http://images.machspeed.bluecoat.com/EloquaImages/clients/BlueCoat/%7B814625d3-ff03-444b-b846-1b04817a14d5%7D_gartner-2014-mq-graph.jpg) ---------------------------------------- Bug #10250: User-Agent HTTP header not being set on CONNECT requests https://bugs.ruby-lang.org/issues/10250#change-48955 * Author: Chris Feldhacker * Status: Open * Priority: Normal * Assignee: * Category: * Target version: * ruby -v: ruby 2.0.0p481 (2014-05-08) [i386-mingw32] * Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN ---------------------------------------- (This was originally reported as RubyGems issue https://github.com/rubygems/rubygems/issues/1012, contributors determined this is actually a bug in core Ruby.) ----- Per issue https://github.com/rubygems/rubygems/issues/825, RubyGems is supposed to be setting the HTTP User-Agent header, like: RubyGems/2.2.2 x86_64-darwin-13 Ruby/2.1.0 (2013-12-25 patchlevel 0) However, network tracing reveals that the User-Agent header is not being sent on HTTP CONNECT requests to the proxy server, which is needed for some companies to be able to white-list RubyGem traffic. Only bare minimal headers are present: CONNECT api.rubygems.org:443 HTTP/1.1 Host: api.rubygems.org:443 Please set the HTTP User-Agent header on HTTP CONNECT requests. Thanks! -- https://bugs.ruby-lang.org/