fix(proxy): fix a case when URL is nil

Author: zekker6

internal/proxy/reqlog.go

@@ -153,10 +153,20 @@ func (rl *RequestLogger) toLogEntry(req *RequestLog) *logging.Entry {
 
 // LogRequest captures request details and returns a log entry
 func (rl *RequestLogger) LogRequest(req *http.Request) (*RequestLog, []byte) {
+	// req.URL can be nil when goproxy's HTTPS handler fails to re-parse a
+	// malformed request line - the parse error is swallowed and the request
+	// is still dispatched. Fall back to RequestURI so logging never panics.
+	// https://github.com/elazarl/goproxy/blob/v1.8.3/https.go#L272-L274
+	urlStr := ""
+	if req.URL != nil {
+		urlStr = req.URL.String()
+	} else {
+		urlStr = req.RequestURI
+	}
 	entry := &RequestLog{
 		Timestamp:      time.Now(),
 		Method:         req.Method,
-		URL:            req.URL.String(),
+		URL:            urlStr,
 		RequestHeaders: redactHeaders(cloneHeaders(req.Header)),
 	}
 

internal/proxy/reqlog_test.go

@@ -59,6 +59,32 @@ func TestLogRequest_RedactsSensitiveHeaders(t *testing.T) {
 	}
 }
 
+// Regression: goproxy can dispatch HTTPS requests with a nil URL when its
+// internal url.Parse fallback fails. LogRequest must not panic in that case.
+// https://github.com/elazarl/goproxy/blob/v1.8.3/https.go#L272-L274
+func TestLogRequest_NilURL(t *testing.T) {
+	dir := t.TempDir()
+	rl, err := NewRequestLogger(dir, nil, false, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer func() { _ = rl.Close() }()
+
+	req := &http.Request{
+		Method:     "GET",
+		RequestURI: "/some/path",
+		Header:     http.Header{},
+	}
+
+	entry, _ := rl.LogRequest(req)
+	if entry == nil {
+		t.Fatal("expected entry, got nil")
+	}
+	if entry.URL != "/some/path" {
+		t.Errorf("URL = %q, want %q (falling back to RequestURI)", entry.URL, "/some/path")
+	}
+}
+
 func TestRequestLog_RedactionFields(t *testing.T) {
 	entry := &RequestLog{
 		Method:           "POST",

internal/proxy/server.go

@@ -255,6 +255,22 @@ func (s *Server) setupLogging() {
 		entry, reqBody := s.reqLogger.LogRequest(req)
 		ctx.UserData = entry
 
+		// goproxy can dispatch HTTPS requests with a nil URL when its own
+		// url.Parse fallback fails. Every downstream step here (credential
+		// injection, filtering, redaction, ask mode) dereferences req.URL,
+		// so we reject with 403 rather than panic.
+		// https://github.com/elazarl/goproxy/blob/v1.8.3/https.go#L272-L274
+		if req.URL == nil {
+			resp := BlockResponse(req, "malformed request: missing URL")
+			if entry != nil {
+				entry.FilterAction = string(FilterActionBlock)
+				entry.FilterReason = "malformed request: missing URL"
+				s.reqLogger.LogResponse(entry, resp, entry.Timestamp)
+				_ = s.reqLogger.Log(entry)
+			}
+			return nil, resp
+		}
+
 		// Inject credentials for matching domains
 		for _, injector := range s.credentialInjectors {
 			if injector.Match(req) {