Azure-docs: WSS Upgrade Header problem - Azure Web App for Containers

Hi @ozanbora, thanks for the feedback! We are currently investigating and will update you shortly.

@ozanbora Linux Web Apps is a newer offering than Windows Web Apps. As a result, feature parity is still not equal. Web sockets on Linux Web Apps are still not supported.

With that being said, I will be meeting with the product group in two weeks and will share your feedback with them to see if we can get an updated status on this feature.

We will now proceed to close this thread. If there are further questions regarding this matter, please tag me in your reply. We will gladly continue the discussion and we will reopen the issue.

Is there any update on this? Websockets do work with Linux containers, but if you enable AD Authentication it breaks - this has been an outstanding issue for a while now.

@BryanTrach-MSFT Has there been any update on this? We are running into the same issue that our SignalR hub deployed to a linux container is not able to connect using websockets.

@BryanTrach-MSFT any update?. Please reopen this or reference where it is being tracked. Thanks.

i have the same problem

https://i.stack.imgur.com/ApU4i.png

I'm also having the same (or related) issue with Azure App Services (Linux host). Per docs, if you're having issues with sockets, you're supposed to disable perMessageDeflate. However, that didn't make a difference for me. I'm also tracking my issue here, and in support ticket with Azure.

I did a very detailed investigation a while ago, because I had no other options make it work in my case. I have tried perMessageDeflate and bunch of different combinations.

My problem was related to CORS policy settings applied through AppService settings on Azure Portal. I think it has something to do with reverse proxy rules which intercepts the requests. So I removed every CORS policy and apply my own CORS on the express app inside the container. Then it was running without any problem.

I'm not sure if I remember correctly, but if you have multiple instances running with your web app, you also need to enable ARR affinity as well.

That was the issue exactly. Removing the CORS settings through the portal and a restart got web sockets to work. My support agent just got back with me in the last few minutes and she stated that CORS is not supported on Linux App Service (as of today). It would be nice for MS to disallow setting it on the portal or at least including it in an FAQ. I know I read every document about Linux App Services, yet saw nothing like this in there regarding sockets.

After some quick testing, it appears that perMessageDeflate is not required to get it to work.

@ozanbora Can you provide some more details of how you configured (or disabled) CORS on your Web App to get the sockets working. My app which uses bokeh, has never had any CORS settings enabled. As I am using bokeh, I don't have programmatic control inside the App of the websocket implementation, so I cannot set things like perMessageDeflate

Extra detail... I only experience problems with the WebSockets when I have authentication enabled - I believe this is caused by a poor EasyAuth implementation.

.

My support rep said, "When CORS or AUTH is enabled [it breaks Linux App Service's sockets implementations because] with Linux it is not supported yet."

In order to use Linux App Service and utilize the CORS or AUTH features, you simply can't because it's not implemented. The official recommended solution is to switch to Windows App Service. It seems Windows is getting preferential treatment as Linux App Service has been around long enough that the feature parity should be nearly equivalent and the documentation is terribly out of date.

perMessageDeflate is not required for WebSockets to work with socket.io. To configure CORS for the App Service from the portal, it's the same as you would for Windows. You can go to your App Service in the portal, select CORS on the left side menu under API. Delete any entries in there to disable App Service's CORS feature. I had only one that was * that I was using during testing since I had CORS configured with my Windows App Service before switching to Linux.

If you remove all entries, you should have functioning Web Sockets without CORS. However, keep in mind, you should configure CORS with your web server framework for security reasons. If it's express with socket.io, you'll have to do something like this. Most web frameworks follow a similar paradigm by specifying it on your server object as an option.

@euandekock I removed everything from CORS configuration page on Azure portal and left it blank.

@ozanbora Are you running a Linux or Windows-based environment in Azure app services?

I tried deleting all my CORS policies in Azure and now I handle CORS completely within my express app. However it still doesn't work.

EDIT: sorry, just read your initial question. seems like you are using linux

I used Azure SignalR service for solve this proplem, and i find new problem.
Free SignalR servise has limitation 20 connection, this limit always at the peak and close my connection (single connection)