From 3f038ef610e0768f32bd704bc5ae6bd2445c7306 Mon Sep 17 00:00:00 2001
From: usernametooshort <usernametooshort@users.noreply.github.com>
Date: Fri, 6 Mar 2026 07:12:32 +0100
Subject: [PATCH] fix(-pr http11): disable HTTP/2 fallback in retryablehttp
 when http11 protocol is set

When -pr http11 is used, httpx correctly sets TLSNextProto={} and
GODEBUG=http2client=0 to force HTTP/1.1. However retryablehttp-go's
automatic HTTP/2 fallback in do.go silently bypasses this:

  if err is malformed HTTP/2 response {
      resp, err = c.HTTPClient2.Do(req.Request)  // <- ignores http11 config
  }

This commit sets retryablehttpOptions.DisableHTTP2Fallback=true when
Protocol=="http11", ensuring the HTTP/1.1-only requirement is honoured
end-to-end.

Depends on: projectdiscovery/retryablehttp-go#532
Fixes: #2240
---
 common/httpx/httpx.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/common/httpx/httpx.go b/common/httpx/httpx.go
index 039f4c4c..de64f72d 100644
--- a/common/httpx/httpx.go
+++ b/common/httpx/httpx.go
@@ -154,9 +154,13 @@ func New(options *Options) (*HTTPX, error) {
 	}
 
 	if httpx.Options.Protocol == "http11" {
-		// disable http2
+		// disable http2 at transport level
 		_ = os.Setenv("GODEBUG", "http2client=0")
 		transport.TLSNextProto = map[string]func(string, *tls.Conn) http.RoundTripper{}
+		// also disable the HTTP/2 fallback in retryablehttp-go so that
+		// malformed-HTTP/2 errors do not cause a silent protocol upgrade
+		// via HTTPClient2 (see projectdiscovery/retryablehttp-go#532)
+		retryablehttpOptions.DisableHTTP2Fallback = true
 	}
 
 	if httpx.Options.SniName != "" {