[PR aio-libs#12238/24cb8c9c backport][3.14] Skip TLS-in-TLS warning when proxy is not HTTPS (aio-libs#12248)

patchback[bot] · wavebyrd · web-flow · commit 2b256cfe7d92 · 2026-03-16T21:42:28.000Z
**This is a backport of PR aio-libs#12238 as merged into master (24cb8c9).** Co-authored-by: wavebyrd <160968744+wavebyrd@users.noreply.github.com>
diff --git a/CHANGES/10683.bugfix.rst b/CHANGES/10683.bugfix.rst
@@ -0,0 +1 @@
+Fixed misleading TLS-in-TLS warning being emitted when sending HTTPS requests through an HTTP proxy. The warning now only fires when the proxy itself uses HTTPS, which is the only case where TLS-in-TLS actually applies -- by :user:`wavebyrd`.
diff --git a/aiohttp/connector.py b/aiohttp/connector.py
@@ -1387,6 +1387,12 @@ def _warn_about_tls_in_tls(
         if req.request_info.url.scheme != "https":
             return
 
+        # TLS-in-TLS only applies when the proxy itself is HTTPS.
+        # When the proxy is HTTP, start_tls upgrades a plain TCP connection,
+        # which is standard TLS and works on all event loops and Python versions.
+        if req.proxy is None or req.proxy.scheme != "https":
+            return
+
         # Check if uvloop is being used, which supports TLS in TLS,
         # otherwise assume that asyncio's native transport is being used.
         if type(underlying_transport).__module__.startswith("uvloop"):

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	+Fixed misleading TLS-in-TLS warning being emitted when sending HTTPS requests through an HTTP proxy. The warning now only fires when the proxy itself uses HTTPS, which is the only case where TLS-in-TLS actually applies -- by :user:`wavebyrd`.