https://bz.apache.org/bugzilla/show_bug.cgi?id=59134
Bug ID: 59134 Summary: Secure websocket connection through a proxy is not ok Product: Tomcat 8 Version: trunk Hardware: PC Status: NEW Severity: normal Priority: P2 Component: WebSocket Assignee: dev@tomcat.apache.org Reporter: zra...@gmail.com I have been trying to open a wss connection through a http proxy, and I always got the following exception: ... Caused by: javax.websocket.DeploymentException: The HTTP request to initiate the WebSocket connection failed ... Caused by: java.io.EOFException: null ... Looking at network traffic shows that the proxy connect request is sent, proxy connection is established and then a plain GET request is sent instead of the SSL handshake. Debugging in the WsWebSocketContainer::connectToServer() shows that there is a secure flag, to indicate whether an SSL connection is needed, but it never gets true when the connection is through a proxy. http://svn.apache.org/repos/asf/tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java public Session connectToServer(Endpoint endpoint, ClientEndpointConfig clientEndpointConfiguration, URI path) throws DeploymentException ... boolean secure = false ... if (sa == null) { if (port == -1) { if ("ws".equalsIgnoreCase(scheme)) { sa = new InetSocketAddress(host, 80); } else { // Must be wss due to scheme validation above sa = new InetSocketAddress(host, 443); secure = true; } } else { if ("wss".equalsIgnoreCase(scheme)) { secure = true; } sa = new InetSocketAddress(host, port); } } else { proxyConnect = createProxyRequest(host, port); } ... -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org