You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
I had noticed that autobahn strictly enforces the RFC https://tools.ietf.org/html/rfc7230#section-5.4. As far as I can tell(I could be wrong) the externalPort isn't used anywhere else apart from the check at https://github.com/crossbario/autobahn-python/blob/master/autobahn/websocket/protocol.py#L2611-L2633.
The problem arises when this is used inside a system such as Kubernetes, where there's an optional SSL termination at edge, all requests are routed via an Ingress node. This means all users have to set the external port to 80. (Even though outside it's 443).
I found the issue from RobotWebTools/rosbridge_suite#468, by internally switching the library, it broke compatibility with no way to maintain backward compatibility.
Would you consider making the externalPort check non-default and having a strict enforce mode?
The text was updated successfully, but these errors were encountered:
No, Autobahn implements RFC6455, and removing the check per-default would divert from the standard.
However: Autobahn provides the option to properly feed the external port to the check via externalPort or disable the check by providing None for that.
@oberstet It looks like even if you set externalPort to None, it'd still pick up the port from URL and set it to externalPort. Should this be the case?
Hello,
I had noticed that autobahn strictly enforces the RFC https://tools.ietf.org/html/rfc7230#section-5.4. As far as I can tell(I could be wrong) the externalPort isn't used anywhere else apart from the check at https://github.com/crossbario/autobahn-python/blob/master/autobahn/websocket/protocol.py#L2611-L2633.
The problem arises when this is used inside a system such as Kubernetes, where there's an optional SSL termination at edge, all requests are routed via an Ingress node. This means all users have to set the external port to 80. (Even though outside it's 443).
I found the issue from RobotWebTools/rosbridge_suite#468, by internally switching the library, it broke compatibility with no way to maintain backward compatibility.
Would you consider making the externalPort check non-default and having a strict enforce mode?
The text was updated successfully, but these errors were encountered: