-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
use 'wss' connection from page served over http #169
Comments
Surely the spec allows it. Socket.IO-node should check if the connection is made using TLS instead of trying to determine the type of the websocket connection from the origin. |
Can we somehow fix this.. im getting the same error All of my services are SSL.. Any suggestions on a fix??? please |
ok, i'll have a go at a patch for this. thanks for the replies. |
here's a one-line fix for this issue:
|
I need this as well. |
This fix was applied as a part of #180 and this ticket should be closed. |
closing... |
the following code in "lib/socket.io/transports/websocket.js" returns a location header with the 'ws' scheme if the origin is not https, regardless of whether the websocket was opened with a 'wss' scheme:
i couldn't find anything in the websocket spec that disallows using 'wss' websocket connections from pages server over http, and in chromium this results in:
Error during WebSocket handshake: location mismatch: wss://hostname:port//node.js/realtime/websocket != ws://hostname:port//node.js/realtime/websocket
if i missed something, and the spec doesn't allow this, so be it. if not, i'm happy to work up a patch that allows the websocket data to use a tunnel even if the page html doesn't. (yes, there are use cases for this, as the network the html travels over may be trusted, while the websocket data may use a different, untrusted network.)
The text was updated successfully, but these errors were encountered: