Per RFC 7540#6.4:
However, after sending the RST_STREAM, the sending endpoint MUST be
prepared to receive and process additional frames sent on the stream
that might have been sent by the peer prior to the arrival of the
RST_STREAM.
After the upstream large refactor, now only WebSocket sockets
have tunneling via HTTP/1 proxies. "Raw" sockets in the normal
socket pool don't have tunneling via HTTP/1 proxies, i.e.
CONNECT headers are not sent, instead the raw payload is sent
as-is to the HTTP/1 proxy, which makes it not work.
For the reference the official code does this:
- HTTP sockets via HTTP/1 proxies: normal pool, no tunneling.
- HTTPS sockets via HTTP/1 proxies: normal pool, no tunneling
but does its own proxy encapsulation.
- WS sockets via HTTP/1 proxies: WS pool, tunneling.
We want the normal pool because the WS pool has some extra
restrictions but we also want tunneling to expose a client socket
with the proxy built in.
Therefore we can force tunneling for all sockets. This will always
send CONNECT headers first and thus break HTTP client sockets via
HTTP/1 proxies, but since we don't use this combination this is ok.
