Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-1471

Websocket client redirection issue using SSL

XMLWordPrintable

      The issue is that

      WebSocketClient.connectionBuilder

      expects an URI starting with "wws" in order to create the websocket client to an HTTPS endpoint.

      In my code, I had to write a method which replaces my actual url "https://www.example.com/ws-endpoint" to "wss://www.example.com/ws-endpoint" for WebSocketClient to be happy... Otherwise HTTP is used! The problem is that when a redirection occures, for example if the server returns a 301 with the new location "https://www.example.com/another-ws-endpoint", then you do this:

      https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io/undertow/websockets/client/WebSocketClient.java#L336

      which runs:

      final String scheme = uri.getScheme().equals("wss") ? "https" : "http";

      https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io/undertow/websockets/client/WebSocketClient.java#L215

      and then it tries a request on the new location. But since the server returned an "HTTPS" url as the new location, it is not equal to "wss" so "HTTP" is used to perform the new request, instead of "HTTPS"! Of course the new request then fails.

      In my opinion, this line should be fixed:

      final String scheme = uri.getScheme().equals("wss") ? "https" : "http";

            rhn-cservice-bbaranow Bartosz Baranowski
            electrotype Electro Type (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: