Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Websocket return 403 upon upgrade request ? #1665

Closed
AlwaysNoobCoder opened this issue Apr 18, 2024 · 4 comments
Closed

Websocket return 403 upon upgrade request ? #1665

AlwaysNoobCoder opened this issue Apr 18, 2024 · 4 comments

Comments

@AlwaysNoobCoder
Copy link

Hello, I am using vitejs which use this library.

I configed vite to proxy my websocket endpoint like below:

server: {
      host: "portal-local.itps.xxx.com",
      port: Number(env.VITE_APP_PORT),
      open: true,
      https: {
        key: fs.readFileSync(
          "/home/ggfan/2-work/git/itps/1A-IaaS-Manifests/kubernetes/1.27/ssl/certs/itps.xxx.com/privkey.pem"
        ),
        cert: fs.readFileSync(
          "/home/ggfan/2-work/git/itps/1A-IaaS-Manifests/kubernetes/1.27/ssl/certs/itps.xxx.com/fullchain.pem"
        ),
      },
      proxy: {
        ["/pus"]: {
          changeOrigin: true,
          target: "http://localhost:8080",
          // secure: false,
          rewrite: (path) => path.replace(/^\/pus/, ""),
          /*
          cookieDomainRewrite: {
            "itps.xxx.com": "localhost",
          },
          */
          configure: proxyConfig,
        },
        ["/ws"]: {
          changeOrigin: true,
          target: "http://localhost:8080",
          ws: true,
          secure: false,
          rewrite: (path) => path.replace(/^\/ws/, ""),
          configure: proxyConfig,
        },
      },
    }

but when connecting to it in browser:

SEAExportDialog.vue:104 WebSocket connection to 'wss://portal-local.itps.xxx.com:3000/ws/export/sea/users' failed:

图片

using wireshark it shows that vite's proxy server returned 403:

GET /ws/export/sea/users HTTP/1.1
Host: portal-local.itps.xxx.com:3000
Connection: Upgrade
Pragma: no-cache
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
Upgrade: websocket
Origin: https://portal-local.itps.xxx.com:3000
Sec-WebSocket-Version: 13
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: zh-CN,zh;q=0.9
Cookie: _oauth2_proxy=X29hdXRoMl9wcm94eS00ZWU3OTM2NTIwYWYxNjBjNjZlNGQ4ODJkNTA0OGE4Yy5NM0FOUzVJRlBTV2JkN1g2Zlh6RWtB|1713431461|XkFGp00nkvsob926le3vxJ61wpGV44gtE1GeZcl4eEg=
Sec-WebSocket-Key: FLMsmXSIxrT0bV1TA8yd/Q==
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Sec-WebSocket-Protocol: WebSocket

HTTP/1.1 403 
content-length: 0
date: Thu, 18 Apr 2024 09:24:37 GMT

I asked help in vitejs's repo, but get ignored.

I really hope can get some help here.

best regards.
@AlwaysNoobCoder
Copy link
Author

I fixed this by allow * orgins

@johnhunter
Copy link

I fixed this by allow * orgins

@AlwaysNoobCoder Do you mean you configured your socket server to accept all origins?

I have a similar issue vitejs/vite#16557 where the changeOrigin setting does have any effect and the origin does not match the target host which is recommended in RFC 6455

@AlwaysNoobCoder
Copy link
Author

AlwaysNoobCoder commented May 6, 2024
edited
Loading

I fixed this by allow * orgins

@AlwaysNoobCoder Do you mean you configured your socket server to accept all origins?

I have a similar issue vitejs/vite#16557 where the changeOrigin setting does have any effect and the origin does not match the target host which is recommended in RFC 6455

Yes, I configured my socket server to accept all origins

@johnhunter
Copy link

I think this was a regression. See #1669

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@johnhunter @AlwaysNoobCoder