feat(browse): Honor system proxy env vars (HTTPS_PROXY / BROWSE_PROXY) for chromium launch#1263
Closed
rssprivacy-commits wants to merge 1 commit intogarrytan:mainfrom
Closed
Conversation
Playwright's chromium.launch() does not auto-read HTTPS_PROXY/HTTP_PROXY environment variables — they must be passed explicitly via the `proxy` launch option. Without this, users behind a corporate/VPN proxy see ERR_TUNNEL_CONNECTION_FAILED or ERR_SSL_UNRECOGNIZED_NAME_ALERT errors when navigating to public URLs. This change reads the system proxy from environment and passes it through to Playwright's launch options. Backward-compatible: zero effect when no proxy env vars are set. Adds a new optional `BROWSE_PROXY` env var (takes priority over standard HTTPS_PROXY) to support fakeip/TUN environments where the HTTP proxy resolves DNS locally to fake addresses. Setting BROWSE_PROXY to a socks5://host:port URL forces remote DNS resolution at the proxy, bypassing the fake IP issue. Common scenario: mihomo/clash with mixed-port + fakeip mode (the user must opt in via socks5:// URL). Tested in a fakeip + mihomo mixed-port (1082) environment: - HTTPS_PROXY=http://127.0.0.1:1082 → still fails (HTTP CONNECT carries fakeip in destination) - BROWSE_PROXY=socks5://127.0.0.1:1082 → succeeds (SOCKS5 sends hostname, proxy resolves remotely)
Owner
|
Thanks @rssprivacy-commits — closing as deferred. System proxy env handling has been partially addressed in v1.30 (#1391); if a specific gap remains on current main, a focused PR with the missing case would land easier. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds proxy support to
gstack browseby passing system proxy env varsthrough to Playwright's
chromium.launch({ proxy: ... })option.Without this, users behind a corporate/VPN proxy see
ERR_TUNNEL_CONNECTION_FAILEDorERR_SSL_UNRECOGNIZED_NAME_ALERTwhen navigating to public URLs — Playwright does not auto-read
HTTPS_PROXYfor chromium launch.Behavior
BROWSE_PROXY(priority) →HTTPS_PROXY→HTTP_PROXYfrom envNO_PROXYfor bypass listproxylaunch optionWhy a separate
BROWSE_PROXYoverride?Some environments (mihomo/clash with
mixed-port+fakeip/ TUN mode)make the system HTTP proxy resolve DNS to fake addresses locally, then
forward via HTTP CONNECT. Chromium honors that and sends fakeip in the
CONNECT line, which the proxy can't route.
BROWSE_PROXY=socks5://host:portlets the user opt into SOCKS5 protocol,which does remote DNS at the proxy — bypassing the fake IP. The standard
HTTPS_PROXYpath is preserved for regular HTTP proxies.Test plan
HTTPS_PROXY=http://corp-proxy:8080: chromium routes through itBROWSE_PROXY=socks5://127.0.0.1:1082in mihomo + fakeip env:navigation succeeds (verified end-to-end with public TLS sites)
NO_PROXY=localhost,127.0.0.1: bypass list applied via PlaywrightDiff
13 lines added in
browse/src/browser-manager.ts. No changes elsewhere.Need help on this PR? Tag
@codesmithwith what you need.