-
Notifications
You must be signed in to change notification settings - Fork 147
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ensure no blank Sec-Websocket-Protocol
headers and warn if websocket subprotocol edge case occur
#458
Conversation
a61619a
to
4d9cd5b
Compare
@consideRatio I merged |
Sec-Websocket-Protocol
headers and warn about other websocket issues
Sec-Websocket-Protocol
headers and warn about other websocket issuesSec-Websocket-Protocol
headers and warn about another websocket issue
Sec-Websocket-Protocol
headers and warn about another websocket issueSec-Websocket-Protocol
headers and warn if websocket subprotocol edge case occur
51759fc
to
eda6136
Compare
Rebased to be put on top of #457 not bundled with this PR but with commits now in main. |
I was able to confirm this fixed our issue on the NASA side (FYI @zoghbi-a)! Thanks so much @consideRatio for patching this bug and @benz0li for helping with the investigation! Glad to see a powerful example of open source community coming together to fix this issue :) We look forward to the 4.1.1 release! |
This PR ensures we don't pass a blank
Sec-Websocket-Protocol
header (Sending a blank header is incorrect) when we proxy a websocket. This fixes #442, fixes #445, is assumed to fix #332, and closes #448.This project currently proxies websockets by first accepting an incomming websocket connection were a subprotocol is established, and then opening a websocket connection to a server to proxy to. This is a problem and can lead to bugs that we now warn about. This PR adds tests to document our current problematic handling.
Thank you @duytnguyendtn, @zoghbi-a, and @benz0li for working this - this is building a lot on their investigation and conclusions, which were critical as I didn't understand much about this before.