WebSocket 通过 SSL 与 Apache 反向代理 [英] WebSocket through SSL with Apache reverse proxy
问题描述
在客户端,我正在尝试建立 wss 连接:
On the client side, I am trying to establish the wss connection:
var ws = new WebSocket("wss://wsserver.com/test")
它返回一个错误:
WebSocket 连接到wss://wsserver.com/test"失败:WebSocket 握手期间出错:意外响应代码:400
完整的标题是:
请求标头
GET wss://wsserver.com/test HTTP/1.1
Host: wsserver.com
Connection: Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
Origin: https://website.net
Sec-WebSocket-Version: 13
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: en-US,en;q=0.8
Sec-WebSocket-Key: Tj9AJ5TKglNf5LoHsQTpvQ==
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
响应头
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:https://website.net
Connection:close
Content-Length:18
Content-Type:text/plain; charset=utf-8
Date:Fri, 21 Apr 2017 21:03:45 GMT
Server:Apache/2.4.18 (Ubuntu)
Vary:Origin
X-Content-Type-Options:nosniff
服务器端正在 Apache 反向代理后面的端口 8888 上运行.这是 Apache 配置:
The server side is running on go at port 8888 behind an Apache reverse proxy. This is the Apache configuration:
<VirtualHost *:443>
ServerName website.com
ProxyPreserveHost On
ProxyRequests Off
ProxyPass "/" "wss://localhost:8888/"
mod_proxy 和 mod_proxy_wstunnel 已安装.
这里有什么遗漏吗?似乎请求通过但未建立连接.
Is there something missing here? It seems like the request goes through but no connection is established.
推荐答案
我最终通过对虚拟主机使用此配置解决了这个问题,该配置使用 HTTP 标头过滤请求:
I ended up solving this problem by using this configuration for the virtual host, which filters requests using the HTTP headers:
<VirtualHost *:443>
ServerName website.com
RewriteEngine On
# When Upgrade:websocket header is present, redirect to ws
# Using NC flag (case-insensitive) as some browsers will pass Websocket
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule ^/ws/(.*) wss://localhost:8888/ws/$1 [P,L]
# All other requests go to http
ProxyPass "/" "http://localhost:8888/"
我将其留作参考,以防对其他人有帮助
I'm leaving this as a reference in case it helps others
这篇关于WebSocket 通过 SSL 与 Apache 反向代理的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!