NettyAsyncHttpProvider returns 404 for HTTPS URLs when behind proxy

[w31rd0]

When a request is made to a HTTPS URL and AsyncHttpClient is configured to use proxy, the request results in 404 error.

What happens is AsyncHttpClient first issues a CONNECT request to the proxy (line 570):

        if (allowConnect && (isProxyServer(config, request) && isSecure(uri))) {
            method = HttpMethod.CONNECT.toString();
        }
        return construct(config, request, new HttpMethod(method), uri, buffer);

And then makes a regular HTTP request via the established secure channel, but the following condition at line 600 makes it use full URL as a path although the request is sent directly to the server this time:

            if (isProxyServer(config, request))
                path = uri.toString();
            else if (uri.getRawQuery() != null)
                path = uri.getRawPath() + "?" + uri.getRawQuery();

Some websites seem to work around invalid requests in their own (like google.com), others do not. The issue is reproducible on wi-fi.org.

Here's the diff that fixes it:

--- a/providers/netty/src/main/java/com/ning/http/client/providers/netty/NettyAsyncHttpProvider.java
+++ b/providers/netty/src/main/java/com/ning/http/client/providers/netty/NettyAsyncHttpProvider.java
@@ -597,7 +597,7 @@ public class NettyAsyncHttpProvider extends SimpleChannelUpstreamHandler impleme
             nettyRequest = new DefaultHttpRequest(HttpVersion.HTTP_1_0, m, AsyncHttpProviderUtils.getAuthority(uri));
         } else {
             String path = null;
-            if (isProxyServer(config, request))
+            if (isProxyServer(config, request) && !isSecure(uri))
                 path = uri.toString();
             else if (uri.getRawQuery() != null)
                 path = uri.getRawPath() + "?" + uri.getRawQuery();

I can submit a pull request, however it seems to somewhat intersect with the one for issue #202.

[slandelle]

Thanks!
If you plan on doing a PR, please wait a bit so I can properly fix #202 in both master and 1.7.x.

[w31rd0]

Sure!

[slandelle]

I agree with your proposal and will push it right now.
Could you try out the Grizzly provider and tell me if it's impacted too, please?

[w31rd0]

According to the code, Grizzly provider is impacted as well.

            if (useProxy) {
                if ((secure || httpCtx.isWSRequest) && !httpCtx.isTunnelEstablished(ctx.getConnection())) {
                    secure = false;
                    httpCtx.establishingTunnel = true;
                    builder.method(Method.CONNECT);
                    builder.uri(AsyncHttpProviderUtils.getAuthority(uri));
                } else {
                    builder.uri(uri.toString());
                }
            } else {
                builder.uri(uri.getPath());
            }

[slandelle]

Rollbacking, see #236

[slandelle]

@w31rd0 Feel free to join the discussion in #236