Skip to content

Commit

Permalink
don't allow use of the default transport
Browse files Browse the repository at this point in the history 
Signed-off-by: Achille Roussel <achille.roussel@gmail.com>
  • Loading branch information
@achille-roussel
achille-roussel committed Feb 1, 2024
1 parent e84e334 commit 0b650e6
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions transport.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -151,6 +151,13 @@ func (t *Transport) grabTransport(rules *Rules) *http.Transport {
func (t *Transport) newTransport(rules *Rules) *http.Transport {
transport := t.New()

// Don't accept the default transport, this could result in reusing
// connections that were established before the network access control
// rules were applied.
if t, ok := http.DefaultTransport.(*http.Transport); ok && t == transport {
panic("netjail: transport returned by New is the default transport")
}

// Extract the dial function used by the transport so we can wrap it
// with the network access control check.
dialContext := transport.DialContext
Expand Down

0 comments on commit 0b650e6

Please sign in to comment.