I use nginx as proxy of my WebSocket traffic and it works great. One of my apps has a requirement to use STOMP, for that I have chosen STOMP js library, which tries to negotiate a protocol via Sec-WebSocket-Protocol header but I have troubles adding this header in the nginx response.
nginx version: nginx/1.6.2
Below is my server block:
server {
listen 80;
server_name mware.example.com;
client_max_body_size 100M;
keepalive_timeout 5;
root /srv/applications;
autoindex off;
location / {
# WebSocket
location = /ws {
proxy_read_timeout 10m;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://127.0.0.1:8000/;
proxy_redirect http://127.0.0.1:8000/ /;
# Custom headers
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE_PORT $remote_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#add_header Sec-WebSocket-Protocol $http_sec_websocket_protocol;
add_header Sec-WebSocket-Protocol 'v10.stomp, v11.stomp';
}
}
}
So tried adding the header via $http_sec_websocket_protocol variable as well as literally specifying it, none of this worked for me. Below is the packet capture on the localhost.
Packet sent:
T 10.3.2.100:36798 -> y.y.y.y:80 [AP]
GET /ws HTTP/1.1.
Host: mware.example.com.
Connection: Upgrade.
Pragma: no-cache.
Cache-Control: no-cache.
Upgrade: websocket.
Origin: file://.
Sec-WebSocket-Version: 13.
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36.
Accept-Encoding: gzip, deflate, sdch.
Accept-Language: en-US,en;q=0.8.
Cookie: __utma=82131859.1920436741.1415282304.1421757291.1421760088.10; session_id_api=x.x.x.x-87eeca97-c6db-4010-bef8-f4875a6feb52; session_id_portal=x.x.x.x-ace62281-2446-4708-aa9d-4390eb41e02a.
Sec-WebSocket-Key: bGN7hB4fw7/JuF6A5vSf6A==.
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits.
Sec-WebSocket-Protocol: v10.stomp, v11.stomp.
Nginx response:
T y.y.y.y:80 -> 10.3.2.100:36798 [AP]
HTTP/1.1 101 Switching Protocols.
Server: nginx/1.6.2.
Date: Tue, 17 Nov 2015 09:35:18 GMT.
Connection: upgrade.
Upgrade: websocket.
Sec-WebSocket-Accept: D34d7GBjjQkSC8jrjpixNmMxDMc=.
You can see that Sec-WebSocket-Protocol header is missing.
On the application level I receive properly formatted packet by nginx, with custom headers added, etc.
Upgrade: websocket
Connection: upgrade
Host: mware.example.com
X-Real-IP: x.x.x.x
REMOTE_PORT: 36798
X-Forwarded-For: x.x.x.x
Pragma: no-cache
Cache-Control: no-cache
Origin: file://
Sec-WebSocket-Version: 13
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cookie: __utma=82131859.1920436741.1415282304.1421757291.1421760088.10; session_id_api=x.x.x.x-87eeca97-c6db-4010-bef8-f4875a6feb52; session_id_portal=x.x.x.x-ace62281-2446-4708-aa9d-4390eb41e02a
Sec-WebSocket-Key: bGN7hB4fw7/JuF6A5vSf6A==
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Sec-WebSocket-Protocol: v10.stomp, v11.stomp
Adds the specified field to a response header provided that the response code equals 200, 201, 204, 206, 301, 302, 303, 304, or 307. A value can contain variables.
You response with 101 code.
Since version 1.7.5 there is always flag, but you use older version. Also you could consider to use third-party module like headers_more or lua.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments