[PR #1888] [MERGED] support non-preemptive authentication #4473

New issue

Closed

opened 2026-05-05 14:42:44 -06:00 by gitea-mirror · 0 comments

gitea-mirror commented

2026-05-05 14:42:44 -06:00

Owner

📋 Pull Request Information

Original PR: https://github.com/fatedier/frp/pull/1888
Author: @fzhyzamt
Created: 7/1/2020
Status: ✅ Merged
Merged: 7/1/2020
Merged by: @fatedier

Base: dev ← Head: patch-2

📝 Commits (1)

062e04d support non-preemptive authentication

📊 Changes

1 file changed (+1 additions, -0 deletions)

View changed files

📝 models/plugin/client/http_proxy.go (+1 -0)

📄 Description

Non-preemptive authentication means that the Proxy-Authorization will not be actively sent when the tunnel is established, and this authentication will be brought after receiving the 407 response.

The server will now directly close the connection when the proxy verification fails, and the client will still send a request on this connection without knowing it, causing the client to report an error.
Therefore, you should explicitly return close when closing the connection.

In rfc7230#Connection

A server that does not support persistent connections MUST send the
"close" connection option in every response message that does not
have a 1xx (Informational) status code.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/fatedier/frp/pull/1888 **Author:** [@fzhyzamt](https://github.com/fzhyzamt) **Created:** 7/1/2020 **Status:** ✅ Merged **Merged:** 7/1/2020 **Merged by:** [@fatedier](https://github.com/fatedier) **Base:** `dev` ← **Head:** `patch-2` --- ### 📝 Commits (1) - [`062e04d`](https://github.com/fatedier/frp/commit/062e04d856e787f567012fea60a183b2733a13f7) support non-preemptive authentication ### 📊 Changes **1 file changed** (+1 additions, -0 deletions) <details> <summary>View changed files</summary> 📝 `models/plugin/client/http_proxy.go` (+1 -0) </details> ### 📄 Description Non-preemptive authentication means that the Proxy-Authorization will not be actively sent when the tunnel is established, and this authentication will be brought after receiving the 407 response. The server will now directly close the connection when the proxy verification fails, and the client will still send a request on this connection without knowing it, causing the client to report an error. Therefore, you should explicitly return close when closing the connection. In [rfc7230#Connection](https://tools.ietf.org/html/rfc7230#section-6.1) > A server that does not support persistent connections MUST send the "close" connection option in every response message that does not have a 1xx (Informational) status code. ![img](https://i.loli.net/2020/06/15/WVdSQg8ZncKbzMH.png) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>