I was using http proxy to git clone projects from github , the proxy worked well for most projects , but for few projects which include submodules I got error like below:

Fatal: unable to access https://github.com/xxxx/xxxx.git/  : Received HTTP code 407 from proxy after CONNECT

Solutions:

$ git config --global http.proxyAuthMethod basic

Run above command to specify git http proxy Authentication Method to basic but not the default one anyauth

Alternatively , if you would like to use linux bash environment variable , you can use below command

export GIT_HTTP_PROXY_AUTHMETHOD=basic

Wait but why

As per https://git-scm.com/docs/git-config#git-config-httpproxyAuthMethod

http.proxyAuthMethod

    Set the method with which to authenticate against the HTTP proxy. This only takes effect if the configured proxy string contains a user name part (i.e. is of the form user@host or user@host:port). This can be overridden on a per-remote basis; see remote.<name>.proxyAuthMethod. Both can be overridden by the GIT_HTTP_PROXY_AUTHMETHOD environment variable. Possible values are:

        anyauth - Automatically pick a suitable authentication method. It is assumed that the proxy answers an unauthenticated request with a 407 status code and one or more Proxy-authenticate headers with supported authentication methods. This is the default.

        basic - HTTP Basic authentication

        digest - HTTP Digest authentication; this prevents the password from being transmitted to the proxy in clear text

        negotiate - GSS-Negotiate authentication (compare the --negotiate option of curl(1))

        ntlm - NTLM authentication (compare the --ntlm option of curl(1))

You can see git supports several http proxy authentication methods ,and the default one is anyauth which means pick a suitable authentication method. So one possibility is with option recurse-submodules git behaviors a little bit different since force the authentication method to basic works well.