Hi, I am trying to use HAProxy as proxy for socket.io transports. Standard XMLHttpRequest and WebSockets work ok but I have trouble with flash transport.
The flashtransport uses flash plugin to establish socket connection and after that data is send and received using WebSockets protocol. To make flash socket connect I need to provide "flash policy file" to the plugin. According to the documentation[1] flash attempts to download policy file from server available on port 843 at the same domain and if it fails it tries to use destination host and port. My current config looks like this: defaults log 127.0.0.1:514 local1 debug # Flash player will not send send policy-file-request # on client connection if policy file can be requested # from the same host on port 843. # We cannot use different port here. frontend flashpolicy_server bind 0.0.0.0:843 mode tcp default_backend nodejs_flashpolicy # Main frontend frontend proxy bind 0.0.0.0:80 bind 0.0.0.0:8443 mode http option httplog maxconn 200000 timeout client 86400000 default_backend webapp #websockets acl is_websocket path_beg /socket.io acl is_websocket hdr(Upgrade) -i WebSocket acl is_websocket hdr_beg(Host) -i ws use_backend websocket if is_websocket backend webapp mode http option httplog option httpclose server cherrypy1 localhost:7000 check backend websocket mode http option httplog timeout server 86400000 timeout queue 5000 timeout connect 86400000 option forwardfor no option httpclose option http-server-close option forceclose server node1 localhost:12000 maxconn 2000 check backend nodejs_flashpolicy mode tcp server node1 localhost:10843 maxconn 2000 check Everything works but one scenario: if port 843 is blocked on client side then flash plugin is sending '<flash-policy-request/>\0' to the proxy frontend and expects xml file. In this case I should route this connection to nodejs_flashpolicy instead of websocket backend. Do you have any solution to this? the best solution would be to check first X bytes for '<flash-policy-request/>'. Worse but still working solution would be to route all invalid http requests to the nodejs_flashpolicy. I cannot find any way to configure HAProxy to make it work. If you have any suggestions please share. I am using haproxy 1.4.17 [1] http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html Thanks! Ćukasz