bandit's hpax dependency's latest update causes HTTP2 compression network error randomly

[krainboltgreene]

Environment

• Elixir version (elixir -v):

Erlang/OTP 27 [erts-15.2] [source] [64-bit] [smp:10:10] [ds:10:10:10] [async-threads:1] [jit]

Elixir 1.17.3 (compiled with Erlang/OTP 27)

• Phoenix version (mix deps):

* phoenix 1.7.18 (Hex package) (mix)
  locked at 1.7.18 (phoenix) 1797fcc8
  ok

• Operating system: macos 13.7.1 (22H221)

Actual behavior

When you setup Phoenix with a self-signed certificate and make a request that includes a css, js, image, or ico that is handled by pheonix it returns (randomly) an HTTP compression error.

This is a result of Bandit's dependency hpax, which recently updated in elixir-mint/hpax#19

Details about the issue are here elixir-mint/hpax#20

Expected behavior

All assets are loaded correctly all the time.

Solution: Until hpax updates the phoenix project should pin 1.0.0, the last known stable version.

[mtrudel]

@krainboltgreene what browser is exhibiting this?

[mtrudel]

I'm unable to get a repro for this; working it over at elixir-mint/hpax#20 if anyone feels like helping with a repro. Fixing this won't be possible without one.

[krainboltgreene]

@mtrudel I was able to achieve the problem on Chrome and Firefox (latest). Noted my availability in the other thread.

[mtrudel]

Fixed in HPAX 1.0.2