6
[SOLVED] Can't access squid proxy via nodejs with axios (lemmy.pe1uca.dev)
submitted 11 months ago* (last edited 11 months ago) by pe1uca@lemmy.pe1uca.dev to c/programming@programming.dev
3 comments fedilink hide all child comments

I'm not sure in which community to ask this, if you know of a better one let me know.

I already have squid proxy working, if I set up my browser or curl to use the proxy all sites work properly.
But when I try to make a request with axios it doesn't work.

Here are the logs of squid
The first two lines are successful google connections are from a browser.
The 3rd line is a successful to google using curl.
The 4th line is a successful to ipify using curl.
The last two ones are the ones from node using axios

squid_proxy  | 1693406310.165  12043 127.0.0.1 TCP_TUNNEL/200 56694 CONNECT www.google.com:443 - HIER_DIRECT/142.250.217.132 -
squid_proxy  | 1693406310.166  10681 127.0.0.1 TCP_TUNNEL/200 47267 CONNECT apis.google.com:443 - HIER_DIRECT/142.250.176.14 -
squid_proxy  | 1693406325.551    497 127.0.0.1 TCP_TUNNEL/200 24778 CONNECT www.google.com:443 - HIER_DIRECT/142.250.217.132 -
squid_proxy  | 1693406336.829    403 127.0.0.1 TCP_TUNNEL/200 7082 CONNECT api.ipify.org:443 - HIER_DIRECT/64.185.227.156 -
squid_proxy  | 1693406361.410  12590 127.0.0.1 TCP_MISS/503 4358 GET https://api.ipify.org/? - HIER_NONE/- text/html
squid_proxy  | 1693406361.889    385 127.0.0.1 TCP_MISS/502 3948 GET https://www.google.com/ - HIER_DIRECT/142.250.217.132 text/html

The errors sent to axios are these:

# ipify
[No Error] (TLS code: SQUID_TLS_ERR_CONNECT+GNUTLS_E_FATAL_ALERT_RECEIVED)
SSL handshake error (SQUID_TLS_ERR_CONNECT)  
This proxy and the remote host failed to negotiate a mutually acceptable security settings for handling your request. It is possible that the remote host does not support secure connections, or the proxy is not satisfied with the host security credentials.  

# google
The system returned: [No Error]

My code looks like this

const axios = new Axios({
	proxy: {
		host: proxyIP,
		port: proxyPort,
		protocol: 'http'
	}
});

const ip = await axios.get('https://api.ipify.org?format=json');
console.log(ip.data);


const res = await axios.get('https://www.google.com');
console.log(res.data);

Any idea what might be happening?

I'm not sure if axios handles the connection in a different way since the logs from the browser show CONNECT and axios shows GET, but maybe that's because it's failing to actually connect and it only logs the request method.

top 3 comments
sorted by: hot top controversial new old
[-] nick@campfyre.nickwebster.dev 1 points 11 months ago

Might be worth asking in !selfhosted@lemmy.world

[-] Max_P@lemmy.max-p.me 1 points 11 months ago

Your assumption is correct, Axios is using the proxy differently. The recommended way for HTTPS over a proxy is to use the CONNECT method, which just passes through the traffic directly and allows for proper end to end encryption.

Axios just asks the proxy to get it over HTTPS as it would HTTP, and it seems Squid isn't configured correctly and can't handle outgoing TLS. You might need to enable TLSv2/TLSv3 in Squid, as the error says it couldn't agree on security settings and one of them is probably using outdated ciphers.

[-] pe1uca@lemmy.pe1uca.dev 1 points 11 months ago

You're right, thank you for pointing me into the right direction!

I found this explanation https://stackoverflow.com/questions/11697943/when-should-one-use-connect-and-get-http-methods-at-http-proxy-server
And this issue with axios which includes the current workaround https://github.com/axios/axios/issues/4531

this post was submitted on 30 Aug 2023
6 points (87.5% liked)

Programming

16687 readers
267 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 1 year ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz