Summary: | Websockets connections fail with Apache as forward proxy | ||
---|---|---|---|
Product: | Apache httpd-2 | Reporter: | Bjoern Voigt <bjoernv> |
Component: | mod_proxy | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
Status: | RESOLVED WORKSFORME | ||
Severity: | normal | ||
Priority: | P2 | ||
Version: | 2.4.46 | ||
Target Milestone: | --- | ||
Hardware: | PC | ||
OS: | Linux |
Description
Bjoern Voigt
2021-05-04 15:07:00 UTC
The Websocket echo test still fails with Apache HTTPD 2.4.18. > This is a minimal proxy configuration which shows the issue: > > <IfModule mod_proxy.c> > ProxyRequests On > <Proxy *> > Require ip 192.168.1.0/255.255.255.0 127.0.0.0/255.0.0.0 ::1 > </Proxy> > </IfModule> It tried that with firefox and it seems that websocket.org issues a "CONNECT echo.websocket.org:80 HTTP/1.1" request when clicking on the "connect" button (port 80 or 443 depending on schemes ws: or wss: respectively). So it works for me with: LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_connect_module modules/mod_proxy_connect.so AllowCONNECT 80 443 ProxyRequests On <Proxy *> Require ip ... </Proxy> But I agree that a "GET http://echo.websocket.org:80/ HTTP/1.1" request wouldn't work with WebSocket because the generic forward proxy worker does not handle Upgrade for now. Not sure it's worth it though with nowadays TLS everywhere.. Yann Ylavic wrote: > But I agree that a "GET http://echo.websocket.org:80/ HTTP/1.1" request > wouldn't work with WebSocket because the generic forward proxy worker > does not handle Upgrade for now. Not sure it's worth it though with > nowadays TLS everywhere.. After testing your HTTPD configuration and additional testing with different browsers and with my original HTTPD configuration, I found that my daily Firefox profile seems to cause the problem. Disabling all add-ons does not help. But Firefox with a new profile (and proxy settings of cause) works. http://www.websocket.org/echo.html (without SSL) seems to be broken. How do you tested this? After cleaning my proxy settings in Firefox ("SOCKS Host" was set to "localhost" which never caused problems) also my daily Firefox profile works now. I found this Firefox hint here: https://askubuntu.com/a/890539 Sorry, I think, HTTPD is okay and this bug can be closed. |