How connect code-server to the websocket when using a custom reverse proxy?

[Apdul0329]

Hello.
Currently, I am implementing a reverse proxy using python, and I am trying to use this reverse proxy to operate the code-server as Using Let's Encrypt with NGINX.

Currently, HTTP communication has confirmed that it sends a request to the code-server through my reverse proxy and receives a response.
However, I try to connect to the websocket server of the code-server through the code below, but I get a 403 error.

import websocket as websocket
import websockets
import asyncio
import http.server

    async def proxy_to_websocket(self):
        async with websockets.connect(f'ws://localhost:8080', extra_headers=self.headers, origin="*") as websocket:
            ReverseProxy.websocket = websocket 
            async for message in websocket:
                await self.websocket.send(message)
                # response = await websocket.recv()
                # self.wfile.write(response)

Is there anything else I need to do to resolve this 403 error?
Or did I enter the wrong websocket url of code-server?
I'd appreciate it if you could give me an answer.

For your information, I am sending you the reverse proxy error for 403 errors, the browser screenshot connected to the code-server, and the developer tool screenshot together.

Traceback (most recent call last):
  File "/usr/lib/python3.10/socketserver.py", line 316, in _handle_request_noblock
    self.process_request(request, client_address)
  File "/usr/lib/python3.10/socketserver.py", line 347, in process_request
    self.finish_request(request, client_address)
  File "/usr/lib/python3.10/socketserver.py", line 360, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "/home/ubuntu/test.py", line 197, in <lambda>
    asyncio.run(http.server.HTTPServer(('', args.port), lambda *args, **kwargs: ReverseProxy(loop=loop, *args, **kwargs)).serve_forever())
  File "/home/ubuntu/test.py", line 53, in __init__
    super().__init__(request, client_address, server)
  File "/usr/lib/python3.10/socketserver.py", line 747, in __init__
    self.handle()
  File "/usr/lib/python3.10/http/server.py", line 433, in handle
    self.handle_one_request()
  File "/usr/lib/python3.10/http/server.py", line 421, in handle_one_request
    method()
  File "/home/ubuntu/test.py", line 111, in do_GET
    asyncio.run(self.proxy_to_websocket())
  File "/usr/lib/python3.10/asyncio/runners.py", line 44, in run
    return loop.run_until_complete(main)
  File "/usr/lib/python3.10/asyncio/base_events.py", line 649, in run_until_complete
    return future.result()
  File "/home/ubuntu/test.py", line 64, in proxy_to_websocket
    async with websockets.connect(f'ws://localhost:8080', extra_headers=self.headers, origin="*") as websocket:
  File "/home/ubuntu/.local/lib/python3.10/site-packages/websockets/legacy/client.py", line 637, in __aenter__
    return await self
  File "/home/ubuntu/.local/lib/python3.10/site-packages/websockets/legacy/client.py", line 655, in __await_impl_timeout__
    return await self.__await_impl__()
  File "/home/ubuntu/.local/lib/python3.10/site-packages/websockets/legacy/client.py", line 662, in __await_impl__
    await protocol.handshake(
  File "/home/ubuntu/.local/lib/python3.10/site-packages/websockets/legacy/client.py", line 329, in handshake
    raise InvalidStatusCode(status_code, response_headers)
websockets.exceptions.InvalidStatusCode: server rejected WebSocket connection: HTTP 403

Thank you.

[code-asher]

As a sanity check, does everything work if you access code-server without a proxy? And/or can you check if it works with a reverse proxy like NGINX or Caddy? It does not look like your code is persisting the path or query variables, so maybe that has something to do with it. A web socket request will look something like this, with the hash and reconnection token redacted for brevity: ws://localhost:8080/stable-<hash>?reconnectionToken=<token>&reconnection=false&skipWebSocketFrames=false

[Apdul0329]

Thank you for your answer.
I checked that the code-server works normally when I used the reverse proxy function of nginx without using my custom reverse proxy.
However, code-server access is not possible without nginx. Also, even if I try to connect to the websocket by changing the path you answered, I get the same 403 error.
Is there a way to access it after I operate only the code-server without nginx? And is there an authentication element for connecting code-server and websocket?

[code-asher]

Are you running with password authentication on? Maybe your proxy is not passing cookies through to the web socket?

[code-asher]

Although if that was the case I would expect a 401, not a 403.