Fixes #48948

Change-Id: I411e3be99c7979ae289fd937388aae63d81adb59
GitHub-Last-Rev: 14abd7e4d774...

Change-Id: I5ebfc6a89323cc086ea0e0b619370dc45da1f3a3
Reviewed-on: https://go-review.googlesource...

The test had been setting an arbitrary 200ms timeout to allow the
server's handler to set up bef...

This test assumes that two successive TCP connections will use different
source ports. This does...

Co-authored-by: Alex Willmer <[email protected]> (GitHub @moreati)
Co-authored-by: Alexander Y...

Pull in approved backports to golang.org/x/net/http2:

95aca89 set ContentLength to -1 for HEAD...

The upstream cmd/bundle tool does not yet omit it,
and the longtest builders test that the gener...

When these packages are released as part of Go 1.18,
Go 1.16 will no longer be supported, so we ...

The net/http package has a documented contract that if DialContext, DialDLSContext, Dial or Dial...

The Content-Length was incorrectly set to 0 for ill-formed and invalid
values. In these cases, r...

Fixes #48861

Change-Id: I3f55bfbdc4f2cf5b33d1ab2d76e01335bb497c6f
GitHub-Last-Rev: 0ecd790b87dd...

Merge go1.17.2

A user wrote me privately mentioning that if they configure a proxy
with `oohttp.Transport.Prox...

Fixes #48120

Change-Id: I72e89af8aaf3310e348d8ab639925ce0bf84204d
Reviewed-on: https://go-revie...

This change allows httputil.ReverseProxy to detect SSE (server-sent events)
content when the res...

The (*http.Cookie).String method used by SetCookie will silently discard
or sanitize any fields ...

Fixes #48564.
Fixes #23559.

Change-Id: I8e0b646c4791d3a6fb17df1af0a7175b68ce8983
Reviewed-on: h...

Many uses of Index/IndexByte/IndexRune/Split/SplitN
can be written more clearly using the new Cu...

RFC 2616 permits multiple digits in the major and minor numbers of an
HTTP version:

https://da...

The "curl" binary is already used at several other places inside
the code base, whereas this was...

Not forwarding the context is a huge issue in itself because
we lose the possibility of cancelli...

Fixes the issue that otherwise we don't honour the stdReq.Host field
and possibly any other fiel...

Otherwise, the behavior is quite unexpected when you try to
cancel a request or when you enforce...

Fix a hang that occurs when making a request and all of the following apply:
* The request metho...

When recovering from a panic in a HTTP handler, close the request body
before closing the *conn,...

For #47692.

Change-Id: I40d5a3ed245b99de5e82e336f955c60b58880cdb
Reviewed-on: https://go-review...

For #42777.

Change-Id: I963db8c666e8bcf0fc4f390b359db6408a0f792b
Reviewed-on: https://go-review...

Merged from upstream: go1.17

As part of merging, I made sure that `*tls.Conn` is not used any...

Conflicts:
cgi/integration_test.go
cookiejar/jar.go
fcgi/fcgi_test.go
header.go
http_test.g...

Change-Id: Ia6df881badf9a704c7f56967404d37e230b88a09
Reviewed-on: https://go-review.googlesource...

Requested by @kelmenhorst

This diff adds a wrapper for `Transport` that looks like an `http.Transport`.

Part of https:/...

Don't let handlers inject unexpected headers by setting keys like:
w.Header().Set("Evil: x\r\nS...

Since the paths are different in this fork, we need to adjust such
a filter, otheriwse `go test...

OONI copyright of course only applies to code written by us.

Merge go1.16.7

With this abstraction in place, it's quite easy to use
github.com/refraction-networkings/utls w...

finish forking: make sure most test pass w/o errors

Again, I do not fully understand why there are differences and maybe
one day I will, but this si...

While I understand different prefixes, it is not fully clear to me
the `relevantCaller` part. No...

finish forking: make sure that `go test ./...` builds

We cannot depend on stdlib internal pkgs.

We need to depend on our fork not on stdlib.

We cannot depend on stdlib internal pkgs.

We cannot depend on stdlib internal pkgs.

finish forking: remove net/http dep and ensure go build ./... works

We cannot import internal packages in the Go standard library.

There is code in OONI that is us...

We cannot access internal packages in the Go standard library.

Here the simples action seems to...

Verified we don't depend anymore from `net/http` by running:

```
go list -f '{{ .Imports }}' ./...

This test made many requests over the same connection for 10
seconds, trusting that this will ex...

This test made many requests over the same connection for 10
seconds, trusting that this will ex...

Reading from an incoming request body after the request handler aborts
with a panic can cause a ...

Reading from an incoming request body after the request handler aborts
with a panic can cause a ...

Change-Id: I7acda22c01c5350ebf5ddabb1c12af96d368de5d
GitHub-Last-Rev: 3e5c022f8764d4abf91c964ceb...

Change-Id: I55b6d5c77221569eeafea625379affd476a65772
Reviewed-on: https://go-review.googlesource...

CL 249238 changes ResponseWriter.ReadFrom to probe the source with
a single read of sniffLen byt...

Change-Id: I04662a08e07c49f629f9067a89bf453e697d44dd
Reviewed-on: https://go-review.googlesource...

The net/http/internal package contains a PEM-encoded private key used in
tests. This key is init...

Fixes #45973

Change-Id: I6cbe05f5d1d3c324900c74314b0ea0e12524d7f2
Reviewed-on: https://go-revie...

Semicolons are no longer valid separators, so
net/url.ParseQuery will now return an error
if any...

CL 249238 changes ResponseWriter.ReadFrom to probe the source with
a single read of sniffLen byt...

If the client request never makes it to the server, the outstanding
accept is never broken. Chan...

Previously, we'd fail to remove the Connection header from a request
like this:

Connection:...

The documentation of the Client.Do method and Get function incorrectly
stated that, in case of c...

Previously, we'd fail to remove the Connection header from a request
like this:

Connection:...

If a filepath.WalkFunc returns filepath.SkipDir when invoked on a
non-directory file, it skips t...

If the client request never makes it to the server, the outstanding
accept is never broken. Chan...

Change-Id: Id991d8e81e04835cabfb02d07a2199bfb553726c
GitHub-Last-Rev: 5d0b55d49127a2e2ba3148d20a...

Change-Id: I398aff06bec95077bfff02bfb067aa949b70c184
Reviewed-on: https://go-review.googlesource...

The current implementation uses UTF-aware functions
like strings.EqualFold and strings.ToLower.
...

Fixes #45789

Change-Id: Id588f5dbbecf5fbfb54e957c53903aaa900171f2
Reviewed-on: https://go-revie...

The Go 1.17 freeze has begun. This is a time to update all
golang.org/x/... module versions tha...

If the cleaned path did not match the requested path, ServeMux.Handler
would return a Location h...

There was a race condition that could lead to child.serveRequest
removing the request ID before ...

Close #43624

Change-Id: Ifaea3d8ec2aeabbd923abf5edd7497172dbf855a
GitHub-Last-Rev: ea3ef953a1db...

Fixes #45513

Change-Id: I59e717a4bbd3e71320deff519e4f9587ee5c8756
Reviewed-on: https://go-revie...