Ws: HTTP Redirection at Handshake

Created on 22 Aug 2016  路  15Comments  路  Source: websockets/ws

Hi there !

Like it say in the RFC 6455

   1.  If the status code received from the server is not 101, the
       client handles the response per HTTP [RFC2616] procedures.  In
       particular, the client might perform authentication if it
       receives a 401 status code; the server might redirect the client
       using a 3xx status code (but clients are not required to follow
       them), etc.  Otherwise, proceed as follows.

But when i try a redirect status 302.
The websocket throw an Error 'unexpected server response (302)'

// serv.js
var Net = require('net')
var Wss = require('ws').Server

var server = new Net.Server()

server.on('connection',socket=>{
  socket.write('HTTP/1.1 302 Found\nLocation: ws://localhost:8080\n\n')
  socket.end()
})

server.listen(80)

var wss = new Wss({port:8080})

// ws.js
var Ws = require('ws')

var ws = new Ws('ws://localhost') // throw Error: unexpected server response (302)

I misunderstand something or this is a divergence of the RFC 6455 ?

bug minor
Source
picture FlorianBELLAZOUZ
👍29

Most helpful comment

Not sure how you'll prioritize this, so here's our use case.
301 redirects are often used when server infra changes, etc.
In our case, we absolutely have to redirect, but users of this library will break when we do so.

Please upvote the original post if you need this feature

picture blandinw on 28 Mar 2017
👍6

All 15 comments

+1
Facing the same issue where "follow-redirect" isn't supported.

dwang2 picture dwang2 on 7 Nov 2016

Yes, the client does not follow redirects, but if I read the spec correctly "clients are not required to follow them".

lpinca picture lpinca on 25 Jan 2017

Hello!
@lpinca, is there any way to follow them?

danields761 picture danields761 on 24 Mar 2017

No, at the moment there is no way unless you monkey patch the code.

lpinca picture lpinca on 24 Mar 2017

Not sure how you'll prioritize this, so here's our use case.
301 redirects are often used when server infra changes, etc.
In our case, we absolutely have to redirect, but users of this library will break when we do so.

Please upvote the original post if you need this feature

blandinw picture blandinw on 28 Mar 2017
👍6

@blandinw a possible workaround is to use a proxy which follows redirects.
A PR to fix the issue is welcome.

lpinca picture lpinca on 29 Mar 2017

I started a fix, in lib/WebSocket.js.

During handshake, if server answer by 301 or 302 status code, initAsClient() is called recursively with updated address. It also store the state isRedirecting in the options object to avoid redirect loop if new handshake attempt result in another redirection.

I tried the testing code provided on top of this thread, and it seems the socket is created properly. If this approach receive a good feedback, should we also check that the location header provided by server is well formed before trying another handshake? if yes, is there a spec about what is a well formed url for a websocket?

 function initAsClient (address, protocols, options) {
  options = Object.assign({
    protocolVersion: protocolVersions[1],
    protocol: protocols.join(','),
    perMessageDeflate: true,
    handshakeTimeout: null,
    localAddress: null,
    headers: null,
    family: null,
    origin: null,
    agent: null,
    host: null,
    isRedirection: false,

line 654:
`` this._req.on('response', (res) => { if(!options.isRedirection && ((res.statusCode == 301) || (res.statusCode == 302))){ options.isRedirection = true; initAsClient.call(this, res.headers.location, protocols, options); return; } if (!this.emit('unexpected-response', this._req, res)) { this._req.abort(); this.emit('error', new Error(unexpected server response (${res.statusCode})`));
this.finalize(true);
}
});

jklepatch picture jklepatch on 22 Sep 2017
👍3

+1 it should handle redirections, it's a normal use case.

luislobo picture luislobo on 22 Mar 2018
👍3

+1 it should handle redirections, it's a normal use case.

@jklepatch How about yoru fix, did you finish it?

huan picture huan on 5 May 2018

@flavioespinoza I'm not sure what you're trying to achieve, but I doubt you'll succeed with personal attacks. People working on this project do so on their spare time and let you benefit from their efforts for free.

I understand (and share to some extent) your frustration, but maybe you can channel this energy into a clean pull request to fix this once and for all?

In any case, let's try to be civil online, especially on GitHub :-)

blandinw picture blandinw on 7 Sep 2018
👍5

@bradisbell Good advice. I will. It will take me a few days as I am knee deep in deployment, but I'll fix it and submit a PR.

However, I suspect (as with this thread and this bug) it will be ignored. But, we shall see.

flavioespinoza picture flavioespinoza on 7 Sep 2018

If you implement it well I'm more than happy to merge it when I can. As others already said, no one is getting paid to work on this project.

FYI the WebSocket implementation in most browsers does not follow redirects.

lpinca picture lpinca on 7 Sep 2018
👍1

Any update on this?

piranna picture piranna on 4 Nov 2018

I'm also interested in the redirects.

kazuhitoyokoi picture kazuhitoyokoi on 26 Nov 2018

Please take a look at #1490.

lpinca picture lpinca on 19 Jan 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

makc picture makc  路  4Comments
anonaka picture anonaka  路  5Comments
quesurifn picture quesurifn  路  3Comments
ImBundle picture ImBundle  路  3Comments
sherikapotein picture sherikapotein  路  3Comments