diff options
| author | Adam Mathes <adam@adammathes.com> | 2026-02-18 08:01:45 -0800 |
|---|---|---|
| committer | Adam Mathes <adam@adammathes.com> | 2026-02-18 08:01:45 -0800 |
| commit | ee3f5edab92b0ca14dc0b3c98862f721bddaf7d5 (patch) | |
| tree | 251176720365ee88c8b6d68dff8e0e21b1f65c7c | |
| parent | 5376acd4316b8007efe6ad4a9d82106dc72c6405 (diff) | |
| download | neko-ee3f5edab92b0ca14dc0b3c98862f721bddaf7d5.tar.gz neko-ee3f5edab92b0ca14dc0b3c98862f721bddaf7d5.tar.bz2 neko-ee3f5edab92b0ca14dc0b3c98862f721bddaf7d5.zip | |
fix: disable HTTP/2 in SafeClient to avoid unhandled response frame errors
| -rw-r--r-- | internal/safehttp/safehttp.go | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/internal/safehttp/safehttp.go b/internal/safehttp/safehttp.go index f2c316b..eade405 100644 --- a/internal/safehttp/safehttp.go +++ b/internal/safehttp/safehttp.go @@ -2,6 +2,7 @@ package safehttp import ( "context" + "crypto/tls" "fmt" "net" "net/http" @@ -82,6 +83,11 @@ func NewSafeClient(timeout time.Duration) *http.Client { transport.DialContext = SafeDialer(dialer) transport.Proxy = nil // Disable proxy to ensure SSRF checks are not bypassed + // Disable HTTP/2 to avoid "unhandled response frame type" errors from servers with + // non-standard HTTP/2 implementations, which is common among various RSS feed hosts. + transport.ForceAttemptHTTP2 = false + transport.TLSNextProto = make(map[string]func(string, *tls.Conn) http.RoundTripper) + return &http.Client{ Timeout: timeout, Transport: transport, |