New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.
Starred by 19 users

Issue metadata

Status: Fixed
Owner:
Closed: Aug 17
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: ----



Sign in to add a comment
link

Issue 335275: Add support for QUIC proxies

Reported by bengr@chromium.org, Jan 16 2014 Project Member

Issue description

The proxy types that Chromium supports currently require TCP connections (SOCKS, HTTP, SPDY). A new QUIC Proxy type must be added in order to speak QUIC to a proxy.
 

Comment 1 by rch@chromium.org, Jan 16 2014

It's also possible that we could auto-upgrade to QUIC to a proxy in the same way we do to an origin server, namely by reading a header.  In the case of the origin server, we use the Alternate-Protocol header.  For a proxy we could use something like Proxy-Alternate-Protocol (if we think A-P is an end-to-end header)

Comment 2 by dxie@chromium.org, Jan 27 2014

Status: Available

Comment 3 by rch@chromium.org, Jan 30 2014

Cc: mmenke@chromium.org cbentzel@chromium.org jar@chromium.org sidv@chromium.org bengr@chromium.org
 Issue 339591  has been merged into this issue.

Comment 4 by rch@chromium.org, Jan 30 2014

Cc: mdw@chromium.org
I should mention that until I get bona-fide QUIC proxy support wired up, it's possible to use --host-resolver-rules to effectively use a "QUIC proxy".  This is a fine way to to start playing around, but that's about it...

Comment 5 by jar@chromium.org, Jan 31 2014

Labels: -Pri-3 Pri-2
As a blocker for flywheel.... pushing up to P2 consideration.

Comment 7 by bugdroid1@chromium.org, Feb 5 2014

Project Member
------------------------------------------------------------------------
r249016 | rch@chromium.org | 2014-02-05T16:16:16.284818Z

Changed paths:
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/http/http_stream_factory_impl_job.cc?r1=249016&r2=249015&pathrev=249016
   M http://src.chromium.org/viewvc/chrome/trunk/src/net/quic/quic_network_transaction_unittest.cc?r1=249016&r2=249015&pathrev=249016

Enable QUIC proxies to be used for HTTP URLs.

BUG= 335275 

Review URL: https://codereview.chromium.org/138283005
------------------------------------------------------------------------

Comment 8 by bengr@chromium.org, Mar 10 2014

Is this fixed?

Comment 9 by rch@chromium.org, Mar 10 2014

No, we have support for fetching HTTP URLs over a QUIC proxy, but not HTTPS URLs.

Comment 10 by mmenke@chromium.org, Mar 10 2014

Sorry, you asked me for design suggestions on this a while back, but then that completely fell off my radar.

Comment 11 by bizzbys...@gmail.com, Mar 19 2014

Is there an open source proxy implementation that supports QUIC that I can use to test this?

Comment 12 by bengr@chromium.org, Apr 25 2014

Is this fixed?

Comment 13 by rch@chromium.org, Apr 25 2014

bengr: See comment #9.

It's on my list to eventually support HTTPS URLs via CONNECT through a QUIC proxy, but that's not yet implemented. I don't think you need that for what you're doing though, right?

Comment 14 by cbentzel@chromium.org, May 2 2014

Labels: Cr-Internals-Network-QUIC
Status: Started
#11: Not that I know of

Comment 15 by frnk...@gmail.com, Jun 13 2015

For those enterprises who use web filtering or for those service providers who offer web filtering as a service, is there a way to analyze the traffic to see which sites are visited (like SNI)?  If not, does Google have something in mind to make web filtering possible?

Comment 16 by mdw@chromium.org, Jun 16 2015

Re: #15: QUIC is encrypted, so no. QUIC support for proxies is separate from how a given proxy would be deployed and used by Chrome; in the case of Chrome Data Saver, it would fall back to using an HTTP connection if the ISP has blocked the canary URL (see: https://support.google.com/chrome/answer/3517349). But that is orthogonal to the underlying support to be able to establish a proxy connection over QUIC.

Comment 17 by lafo...@chromium.org, Oct 2 2015

Labels: Hotlist-Recharge
This issue likely requires triage.  The current issue owner may be inactive (i.e. hasn't fixed an issue in the last 30 days or commented in this particular issue in the last 90 days).  Thanks for helping out!

-Anthony

Comment 18 by mmenke@chromium.org, Oct 2 2015

Labels: -Cr-Internals-Network Cr-Internals-Network-Proxy

Comment 19 by cbentzel@chromium.org, Oct 5 2015

Should this be marked Fixed? I think this is already supported at this point.

Comment 20 by tbansal@chromium.org, Oct 5 2015

This is not completely fixed. See #9 and #13.

Comment 21 by bengr@chromium.org, Feb 22 2016

Status?

Comment 22 by tbansal@chromium.org, Oct 28 2016

Same as #20 above. Support for HTTPS CONNECT through a QUIC proxy is missing.

Comment 23 by rch@chromium.org, Oct 28 2016

I should mention that wangyix will be working on this after he finishes up net-internals work.

Comment 24 Deleted

Comment 25 by bugdroid1@chromium.org, Nov 8 2017

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7891a39d8e0c673c59c4784b4ebca20ceaadb7ed

commit 7891a39d8e0c673c59c4784b4ebca20ceaadb7ed
Author: Yixin Wang <wangyix@chromium.org>
Date: Wed Nov 08 20:59:24 2017

In QuicStreamRequest, remove CreateStream() and CreateBidirectionalStreamImpl().

The logic in CreateStream() and CreateBidirectionalStreamImpl() are inlined at their old call sites;
QuicStreamRequest::ReleaseSessionHandle() is added to be used at the old call sites to obtain the session retrieved by the QuicStreamRequest.
This change is in preparation for modifying HttpProxyClientSocketWrapper to be able to wrap around a QuicProxyClientSocket.

Bug:  335275 

Cq-Include-Trybots: master.tryserver.chromium.android:android_cronet_tester;master.tryserver.chromium.mac:ios-simulator-cronet
Change-Id: Ib90acd06a4977074e813caddfdc5fbe689be4ffa
Reviewed-on: https://chromium-review.googlesource.com/757298
Reviewed-by: Ryan Hamilton <rch@chromium.org>
Commit-Queue: Yixin Wang <wangyix@chromium.org>
Cr-Commit-Position: refs/heads/master@{#514935}
[modify] https://crrev.com/7891a39d8e0c673c59c4784b4ebca20ceaadb7ed/net/http/http_stream_factory_impl_job.cc
[modify] https://crrev.com/7891a39d8e0c673c59c4784b4ebca20ceaadb7ed/net/quic/chromium/quic_network_transaction_unittest.cc
[modify] https://crrev.com/7891a39d8e0c673c59c4784b4ebca20ceaadb7ed/net/quic/chromium/quic_stream_factory.cc
[modify] https://crrev.com/7891a39d8e0c673c59c4784b4ebca20ceaadb7ed/net/quic/chromium/quic_stream_factory.h
[modify] https://crrev.com/7891a39d8e0c673c59c4784b4ebca20ceaadb7ed/net/quic/chromium/quic_stream_factory_fuzzer.cc
[modify] https://crrev.com/7891a39d8e0c673c59c4784b4ebca20ceaadb7ed/net/quic/chromium/quic_stream_factory_test.cc

Comment 26 by bugdroid1@chromium.org, Nov 10 2017

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d107e066e08ba26679fd20b4a68eb362517b13b0

commit d107e066e08ba26679fd20b4a68eb362517b13b0
Author: Yixin Wang <wangyix@chromium.org>
Date: Fri Nov 10 21:57:46 2017

Add code to allow HttpProxyClientSocketWrapper to wrap around a QuicProxyClientSocket.

This is working towards supporting HTTPS tunneling over QUIC in Chrome.

Bug:  335275 
Cq-Include-Trybots: master.tryserver.chromium.android:android_cronet_tester;master.tryserver.chromium.mac:ios-simulator-cronet
Change-Id: I194538f5046d1d6fb0ca975d3c678270d8e6021a
Reviewed-on: https://chromium-review.googlesource.com/759758
Commit-Queue: Yixin Wang <wangyix@chromium.org>
Reviewed-by: Ryan Hamilton <rch@chromium.org>
Cr-Commit-Position: refs/heads/master@{#515701}
[modify] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/BUILD.gn
[modify] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/http/http_proxy_client_socket_pool.cc
[modify] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/http/http_proxy_client_socket_pool.h
[modify] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/http/http_proxy_client_socket_pool_unittest.cc
[modify] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/http/http_proxy_client_socket_wrapper.cc
[modify] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/http/http_proxy_client_socket_wrapper.h
[add] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/http/http_proxy_client_socket_wrapper_unittest.cc
[modify] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/http/http_stream_factory_impl_job.cc
[modify] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/quic/chromium/quic_http_utils.cc
[modify] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/socket/client_socket_pool_manager.cc
[modify] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/socket/client_socket_pool_manager.h
[modify] https://crrev.com/d107e066e08ba26679fd20b4a68eb362517b13b0/net/socket/ssl_client_socket_pool_unittest.cc

Comment 27 by ryansturm@chromium.org, Jan 16 2018

Is this fixed by the last few CLs?

Comment 29 by dougarnett@chromium.org, Mar 22 2018

Please update the status if this is now resolved or else please summarize what remains to be done.

Comment 30 by k...@luminance.org, May 12 2018

Hi,

Should I be able to use QUIC + HTTP2 to connect to a proxy at this point? I have a HTTP2 forward proxy set up using the latest version of Caddy, started with QUIC enabled (caddy --quic), which is documented to work with chrome. I am starting Chrome using command line args to force quic for my proxy's origin and enable quic along with the proxy:

start chrome.exe --enable-quic --origin-to-force-quic-on=tokyo.luminance.org:8001 --proxy-server="https://tokyo.luminance.org:8001"

However, net-internals does not show a QUIC session to my proxy. My forced origin pref is shown in net-internals, so that parameter is being pushed through. If I connect to Google domains it does use QUIC for those according to net-internals. net-internals shows the proxy being used and requests being piped over HTTP2, so that part is definitely working.

Comment 31 by dougarnett@chromium.org, Jul 2 2018

Cc: wangyix@chromium.org
Please update that status on this bug. There have been multiple CLs landed against but no status updates.

Comment 32 by robertogden@chromium.org, Aug 17

Any updates here?

Comment 33 by rch@chromium.org, Aug 17

Status: Fixed (was: Started)
Sorry for the delay. The author of this feature is no longer on the project. In any case, I believe this has been fully implemented. You need to specify a proxy like:

--proxy-server="quic://tokyo.luminance.org:8001"

but it should work. (The

Comment 34 by bugdroid1@chromium.org, Dec 15

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4cbcbf17db00a0011b5d232617d25db0cd3bee10

commit 4cbcbf17db00a0011b5d232617d25db0cd3bee10
Author: Ryan Hamilton <rch@chromium.org>
Date: Sat Dec 15 05:16:14 2018

Re-enable support for sending HTTPS URLs via QUIC proxies, but only when
the finch param enable_quic_proxies_for_https_urls is set.

This effectively reverts
  https://chromium-review.googlesource.com/c/chromium/src/+/1375112
and then fixes the underlying bug.

Bug: 914497, 335275 
Change-Id: Ief24db4226c9d063219ab7df20cf72f23973be23
Reviewed-on: https://chromium-review.googlesource.com/c/1377709
Commit-Queue: Ryan Hamilton <rch@chromium.org>
Reviewed-by: Zhongyi Shi <zhongyi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#616958}
[modify] https://crrev.com/4cbcbf17db00a0011b5d232617d25db0cd3bee10/components/network_session_configurator/browser/network_session_configurator.cc
[modify] https://crrev.com/4cbcbf17db00a0011b5d232617d25db0cd3bee10/components/network_session_configurator/browser/network_session_configurator_unittest.cc
[modify] https://crrev.com/4cbcbf17db00a0011b5d232617d25db0cd3bee10/net/http/http_network_session.cc
[modify] https://crrev.com/4cbcbf17db00a0011b5d232617d25db0cd3bee10/net/http/http_network_session.h
[modify] https://crrev.com/4cbcbf17db00a0011b5d232617d25db0cd3bee10/net/http/http_stream_factory_job.cc
[modify] https://crrev.com/4cbcbf17db00a0011b5d232617d25db0cd3bee10/net/http/http_stream_factory_job_controller.cc
[modify] https://crrev.com/4cbcbf17db00a0011b5d232617d25db0cd3bee10/net/quic/quic_network_transaction_unittest.cc
[modify] https://crrev.com/4cbcbf17db00a0011b5d232617d25db0cd3bee10/net/socket/client_socket_pool_manager.cc

Sign in to add a comment