"brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> writes: > Many corporate environments and local systems have proxies in use. Note > the situations in which proxies can be used and how to configure them. > At the same time, note what standards a proxy must follow to work with > Git. Explicitly call out certain classes that are known to routinely > have problems reported various places online, including in the Git for > Windows issue tracker and on Stack Overflow, and recommend against the > use of such software. The new section only talks about http(s), but I recall Peff recently helped folks with broken invocation of socat, a relay that does not handle severing connection only in one direction very well. I wonder if it fits in this section. > Signed-off-by: brian m. carlson <sandals@xxxxxxxxxxxxxxxxxxxx> > --- > Documentation/gitfaq.txt | 18 ++++++++++++++++++ > 1 file changed, 18 insertions(+) > > diff --git a/Documentation/gitfaq.txt b/Documentation/gitfaq.txt > index 946691c153..abc0f62e6c 100644 > --- a/Documentation/gitfaq.txt > +++ b/Documentation/gitfaq.txt > @@ -241,6 +241,24 @@ How do I know if I want to do a fetch or a pull?:: > ignore the upstream changes. A pull consists of a fetch followed > immediately by either a merge or rebase. See linkgit:git-pull[1]. > > +[[proxy]] > +Can I use a proxy with Git?:: > + Yes, Git supports the use of proxies. Git honors the standard `http_proxy`, > + `https_proxy`, and `no_proxy` environment variables commonly used on Unix, and > + it also can be configured with `http.proxy` and similar options for HTTPS (see > + linkgit:git-config[1]). The `http.proxy` and related options can be > + customized on a per-URL pattern basis. In addition, Git can in theory > + function normally with transparent proxies that exist on the network. > ++ > +However, note that for Git to work properly, the proxy must be completely > +transparent. The proxy cannot modify, tamper with, change, or buffer the > +connection in any way, or Git will almost certainly fail to work. Note that > +many proxies, including many TLS middleboxes, Windows antivirus and firewall > +programs other than Windows Defender and Windows Firewall, and filtering proxies > +fail to meet this standard, and as a result end up breaking Git. Because of the > +many reports of problems, we recommend against the use of these classes of > +software and devices. > + > Design > ------ >
