Allow empty password in proxy auth

client_server_test.go

@@ -207,39 +207,54 @@ func TestProxyAuthorizationDial(t *testing.T) {
 	defer s.Close()
 
 	surl, _ := url.Parse(s.Server.URL)
-	surl.User = url.UserPassword("username", "password")
 
 	cstDialer := cstDialer // make local copy for modification on next line.
 	cstDialer.Proxy = http.ProxyURL(surl)
 
-	connect := false
 	origHandler := s.Server.Config.Handler
 
-	// Capture the request Host header.
-	s.Server.Config.Handler = http.HandlerFunc(
-		func(w http.ResponseWriter, r *http.Request) {
-			proxyAuth := r.Header.Get("Proxy-Authorization")
-			expectedProxyAuth := "Basic " + base64.StdEncoding.EncodeToString([]byte("username:password"))
-			if r.Method == http.MethodConnect && proxyAuth == expectedProxyAuth {
-				connect = true
-				w.WriteHeader(http.StatusOK)
-				return
-			}
+	tests := []struct {
+		user              *url.Userinfo
+		expectedProxyAuth string
+	}{
+		{
+			user:              url.UserPassword("username", "password"),
+			expectedProxyAuth: "Basic " + base64.StdEncoding.EncodeToString([]byte("username:password")),
+		},
+		{
+			user:              url.User("username"),
+			expectedProxyAuth: "Basic " + base64.StdEncoding.EncodeToString([]byte("username:")),
+		},
+	}
 
-			if !connect {
-				t.Log("connect with proxy authorization not received")
-				http.Error(w, "connect with proxy authorization not received", http.StatusMethodNotAllowed)
-				return
-			}
-			origHandler.ServeHTTP(w, r)
-		})
+	for _, tc := range tests {
+		surl.User = tc.user
+		connect := false
+		// Capture the request Host header.
+		s.Server.Config.Handler = http.HandlerFunc(
+			func(w http.ResponseWriter, r *http.Request) {
+				proxyAuth := r.Header.Get("Proxy-Authorization")
+				if r.Method == http.MethodConnect && proxyAuth == tc.expectedProxyAuth {
+					connect = true
+					w.WriteHeader(http.StatusOK)
+					return
+				}
 
-	ws, _, err := cstDialer.Dial(s.URL, nil)
-	if err != nil {
-		t.Fatalf("Dial: %v", err)
+				if !connect {
+					t.Log("connect with proxy authorization not received")
+					http.Error(w, "connect with proxy authorization not received", http.StatusMethodNotAllowed)
+					return
+				}
+				origHandler.ServeHTTP(w, r)
+			})
+
+		ws, _, err := cstDialer.Dial(s.URL, nil)
+		if err != nil {
+			t.Fatalf("Dial: %v", err)
+		}
+		defer ws.Close()
+		sendRecv(t, ws)
 	}
-	defer ws.Close()
-	sendRecv(t, ws)
 }
 
 func TestDial(t *testing.T) {

proxy.go

@@ -59,10 +59,9 @@ func (hpd *httpProxyDialer) DialContext(ctx context.Context, network string, add
 	connectHeader := make(http.Header)
 	if user := hpd.proxyURL.User; user != nil {
 		proxyUser := user.Username()
-		if proxyPassword, passwordSet := user.Password(); passwordSet {
-			credential := base64.StdEncoding.EncodeToString([]byte(proxyUser + ":" + proxyPassword))
-			connectHeader.Set("Proxy-Authorization", "Basic "+credential)
-		}
+		proxyPassword, _ := user.Password()
+		credential := base64.StdEncoding.EncodeToString([]byte(proxyUser + ":" + proxyPassword))
+		connectHeader.Set("Proxy-Authorization", "Basic "+credential)
 	}
 	connectReq := &http.Request{
 		Method: http.MethodConnect,