https://bz.apache.org/bugzilla/show_bug.cgi?id=59134
Bug ID: 59134
Summary: Secure websocket connection through a proxy is not ok
Product: Tomcat 8
Version: trunk
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: WebSocket
Assignee: dev@tomcat.apache.org
Reporter: zra...@gmail.com
I have been trying to open a wss connection through a http proxy, and I always
got the following exception:
...
Caused by: javax.websocket.DeploymentException: The HTTP request to initiate
the WebSocket connection failed
...
Caused by: java.io.EOFException: null
...
Looking at network traffic shows that the proxy connect request is sent, proxy
connection is established and then a plain GET request is sent instead of the
SSL handshake.
Debugging in the WsWebSocketContainer::connectToServer() shows that there is a
secure flag, to indicate whether an SSL connection is needed, but it never gets
true when the connection is through a proxy.
http://svn.apache.org/repos/asf/tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
public Session connectToServer(Endpoint endpoint,
ClientEndpointConfig clientEndpointConfiguration, URI path)
throws DeploymentException
...
boolean secure = false
...
if (sa == null) {
if (port == -1) {
if ("ws".equalsIgnoreCase(scheme)) {
sa = new InetSocketAddress(host, 80);
} else {
// Must be wss due to scheme validation above
sa = new InetSocketAddress(host, 443);
secure = true;
}
} else {
if ("wss".equalsIgnoreCase(scheme)) {
secure = true;
}
sa = new InetSocketAddress(host, port);
}
} else {
proxyConnect = createProxyRequest(host, port);
}
...
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
