fix: tolerate without a scheme

bridgecrewio · May 3, 2024 · 62e5596 · 62e5596
1 parent 2a79210
commit 62e5596
Showing 1 changed file with 9 additions and 6 deletions.
diff --git a/checkov/common/bridgecrew/platform_integration.py b/checkov/common/bridgecrew/platform_integration.py
@@ -319,17 +319,21 @@ def setup_http_manager(self, ca_certificate: str | None = None, no_cert_verify:
 
         if self.http:
             return
+        # The `https_proxy` environment variable might be scheme-less. urllib3.ProxyManager expects a scheme, so set
+        # to a default of http:// if missing.
+        parsed_proxy_url = urllib3.util.parse_url(os.environ['https_proxy'])
+        if not parsed_proxy_url.scheme:
+            parsed_proxy_url = parsed_proxy_url._replace(scheme='http')
         if ca_certificate:
             os.environ['REQUESTS_CA_BUNDLE'] = ca_certificate
             cert_reqs = 'CERT_NONE' if no_cert_verify else 'REQUIRED'
             logging.debug(f'Using CA cert {ca_certificate} and cert_reqs {cert_reqs}')
             try:
-                parsed_url = urllib3.util.parse_url(os.environ['https_proxy'])
                 self.http = urllib3.ProxyManager(
-                    os.environ['https_proxy'],
+                    parsed_proxy_url.url,
                     cert_reqs=cert_reqs,
                     ca_certs=ca_certificate,
-                    proxy_headers=urllib3.make_headers(proxy_basic_auth=parsed_url.auth),  # type:ignore[no-untyped-call]
+                    proxy_headers=urllib3.make_headers(proxy_basic_auth=parsed_proxy_url.auth),  # type:ignore[no-untyped-call]
                     timeout=self.http_timeout,
                     retries=self.http_retry,
                 )
@@ -344,11 +348,10 @@ def setup_http_manager(self, ca_certificate: str | None = None, no_cert_verify:
             cert_reqs = 'CERT_NONE' if no_cert_verify else None
             logging.debug(f'Using cert_reqs {cert_reqs}')
             try:
-                parsed_url = urllib3.util.parse_url(os.environ['https_proxy'])
                 self.http = urllib3.ProxyManager(
-                    os.environ['https_proxy'],
+                    parsed_proxy_url.url,
                     cert_reqs=cert_reqs,
-                    proxy_headers=urllib3.make_headers(proxy_basic_auth=parsed_url.auth),  # type:ignore[no-untyped-call]
+                    proxy_headers=urllib3.make_headers(proxy_basic_auth=parsed_proxy_url.auth),  # type:ignore[no-untyped-call]
                     timeout=self.http_timeout,
                     retries=self.http_retry,
                 )