Behaviour change when using /HTTPS/// targets: "Configuration error (confusing proxy mode) or prohibited port (see AllowUserPorts)"

Previously, apt-cacher-ng clients were able to use a sources.list entry like this to access https repositories:

deb http://HTTPS///packages.grafana.com/oss/deb stable main

No additional configuration was required. apt-cacher-ng fetched the remote package using https, cached it, and returned it over http to the client.

However, with apt-cacher-ng 3.7.4-1build1 in jammy, clients now get this error:

Err:1 http://HTTPS///packages.grafana.com/oss/deb stable InRelease
  403 Configuration error (confusing proxy mode) or prohibited port (see AllowUserPorts) [IP: 100.64.0.1 3142]

Looking through the source code, I was able to find the problem:

                if (startsWithSz(sReqPath, "/HTTPS///"))
                        sReqPath.replace(0, 6, PROT_PFX_HTTPS);
...
                if(cfg::pUserPorts)
                {
                        if(!cfg::pUserPorts->test(nPort))
                                return report_invport();
                }
                else if(nPort != 80)
                        return report_invport();

That is: apt-cacher-ng now restricts outgoing connections to port 80 only, unless you configure it otherwise (using AllowUserPorts, as the error says). The problem can be fixed by setting

AllowUserPorts: 80 443

in /etc/apt-cacher-ng/acng.conf

This is fine, once you know what the problem is.

My only issue is that this change in behaviour doesn't appear to be documented anywhere, so it appears as if it were a regression.

I checked in:
- apt-get changelog apt-cacher-ng
- /usr/share/doc/apt-cacher-ng/*.gz
- /usr/share/doc/apt-cacher-ng/html/howtos.html (where the /HTTPS/// trick is documented)

I think the resolution would be to mention it in at least one of those places.