I am writing a very basic websocket server. This works in Google Chrome but not in Firefox (v46.0.1). The error message in Firefox is not very helpful either.
Firefox can't establish a connection to the server at
ws://localhost:9000/.
This is the Opening handshake from firefox.
GET / HTTP/1.1
Host: localhost:9000
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Sec-WebSocket-Version: 13
Origin: null
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZfChFbbco7cR0jrAliH+LQ==
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
This is my server's opening handshake response.
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Version: 13
Sec-WebSocket-Accept: <accept-key>
Is the server's opening response not enough for Firefox?
Related
I'm making a simple cross-origin request request, which is blocked by firefox with reason: CORS header ‘Access-Control-Allow-Origin’ does not match ‘http://localhost:4200, *’).
The request headers are:
Host: localhost:8090
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: application/json, text/plain, */*
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localhost:4200/schedule
Origin: http://localhost:4200
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Response Headers:
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Wed, 11 Jul 2018 07:15:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 41359
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin: http://localhost:4200
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
As far as i can see, the origin and Access-Control-Allow-Origin match, but firefox seems to have a different opinion. The same setup works correctly with Chrome.
What am I missing here ?
Thanks,
Steven
The comment by #sideshowbaker put me on the right track: an add-on that i was using earlier for local testing seemed to intervene in the CORS exchange, even when it wasn't supposed to.
Removing it corrected the issue.
I have a web application developed with Java 7, PrimeFaces 5 (JSF), Tomcat 7. Some time ago a user reported a defect from production environment where everything he clicked caused the page to be refreshed. I couldn't reproduce it then I forgot about it... but right now I just reproduced the issue, for the first time, running the application in my local machine. Any button I click, that triggers an ajax request, will be followed by a page refresh. I tried to restart tomcat and to clear Chrome's cache with CMD+SHIFT+R but I still can reproduce the issue.
I can reproduce on Google Chrome, but not on Firefox and Safari. I opened the network tab from Developer Tools from both Firefox and Chrome to compare the requests... but I still can't understand... does anybody have any idea what may be happening?
I will provide below the network activities for the following close event:
<p:panel id="myPanel" widgetVar="myPanelVar" closable="true">
<p:ajax event="close" listener="#{myBean.changeSomeVariables}" />
<h:outputText value="Example panel"/>
<a onclick="PF('myPanelVar').close();"><span class="ui-icon ui-icon-closethick"></span></a>
</p:panel>
Network activity from Firefox (working fine):
Request URL:http://localhost:8080/myMainPage;jsessionid=3BF25F4A5CF149326D3561C0F2002FB9
Request Method:POST
Status Code:200 OK
Remote Address:[::1]:8080
REQUEST HEADERS:
Host: localhost:8080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:48.0) Gecko/20100101 Firefox/48.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Faces-Request: partial/ajax
X-Requested-With: XMLHttpRequest
Referer: http://localhost:8080/myMainPage
Content-Length: 309
Connection: keep-alive
RESPONSE HEADERS:
Cache-Control: no-cache, no-store, must-revalidate, no-cache
Content-Length: 335
Content-Type: text/xml;charset=UTF-8
Date: Sun, 21 Aug 2016 03:02:14 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Apache-Coyote/1.1
FORM DATA:
javax.faces.partial.ajax=true&javax.faces.source=myPanel&javax.faces.partial.execute=myPanel&javax.faces.behavior.event=close&javax.faces.partial.event=close&myHeaderForm=myHeaderForm&myHeaderForm%3Aemail=userTest&myHeaderForm%3Apassword=passTest&javax.faces.ViewState=3276447570579140768:319272761245257759
Network activity from Chrome (not working fine, I don't understand where the GET request is coming from):
Request URL:http://localhost:8080/myMainPage
Request Method:POST
Status Code:200 OK
Remote Address:[::1]:8080
REQUEST HEADERS:
POST /myMainPage HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Content-Length: 325
Origin: http://localhost:8080
Faces-Request: partial/ajax
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/xml, text/xml, */*; q=0.01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Referer: http://localhost:8080/myMainPage
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8,pt;q=0.6
Cookie: JSESSIONID=5C1AE4DB6B1B5148BD81FD0E47002EA4
RESPONSE HEADERS:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=B68E094F6CF3C5AD57D96F0D1823AEBD; Domain=.mySite.com; Path=/; HttpOnly
Cache-Control: no-cache
Content-Type: text/xml;charset=UTF-8
Content-Length: 76
Date: Sun, 21 Aug 2016 03:05:36 GMT
FORM DATA:
javax.faces.partial.ajax=true&javax.faces.source=myPanel&javax.faces.partial.execute=myPanel&javax.faces.behavior.event=close&javax.faces.partial.event=close&myHeaderForm=myHeaderForm&myHeaderForm%3Aemail=userTest&myHeaderForm%3Apassword=passTest&javax.faces.ViewState=8492705007558548241%3A8154221161100277529
__________________________________________________________
Request URL:http://localhost:8080/myMainPage
Request Method:GET
Status Code:200 OK
Remote Address:[::1]:8080
REQUEST HEADERS:
GET /myMainPage HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://localhost:8080/myMainPage
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,pt;q=0.6
Cookie: JSESSIONID=5C1AE4DB6B1B5148BD81FD0E47002EA4
RESPONSE HEADERS:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=D352B9B5644288F3095D1A702075AFEB; Domain=.mySite.com; Path=/; HttpOnly
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sun, 21 Aug 2016 03:05:36 GMT
Thanks
How could I set a reverse proxy with caddy that speak with a crossbar router?
I have a docker with a crossbar router that listen on localhost 8080, and I use caddy as a reverse proxy.
Below the Caddyfile:
`0.0.0.0:80
proxy /ws localhost:8080{
proxy_header Connection {>Connection}
proxy_heade Upgrade {>Upgrade}
}
header /ws {
Upgrade "WebSoket"
Connection "Upgrade"
}`
'tcpflow 8080' return nothing when I try to connect.
Below the header from chrome:
RESPONSE
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Sec-Websocket-Accept: r/PdCQJibmcb5XrfVbnSXJMuf9g=
Sec-Websocket-Protocol: wamp.2.json
Server: Caddy
Server: Crossbar/0.11.1
Upgrade: WebSocket
X-Powered-By: AutobahnPython/0.10.9
Date: Tue, 09 Feb 2016 14:12:04 GMT
REQUEST
GET ws://78.46.244.23/ws HTTP/1.1
Host: 78.46.244.23
Connection: Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
Origin: chrome://newtab
Sec-WebSocket-Version: 13
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTM
like Gecko) Chrome/48.0.2564.103 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: it-IT,it;q=0.8,en-US;q=0.6,en;q=0.4
Sec-WebSocket-Key: OaEUxWnqjZWyfLypeYxeXw==
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Sec-WebSocket-Protocol: wamp.2.json
Below the frame:
[1,"realm1",{"roles":{"caller":{"features":{"caller_identification":true,"progressive_call_results":true}},"callee":{"features":{"progressive_call_results":true}},"publisher":{"features":{"subscriber_blackwhite_listing":true,"publisher_exclusion":true,"publisher_identification":true}},"subscriber":{"features":{"publisher_identification":true}}}}]
And the console error:
WebSocket connection to 'ws://78.46.244.23/ws' failed: Invalid frame header
you have a typo in your Caddyfile:
Upgrade "WebSoket"
I have a Java program which forwards the HTTP request from clients to INTERNET and write back the response to client. But when clients trying Google.com from their browser i am getting 302 found Response from Internet.
Here is the Request from client :
GET http://google.com/ HTTP/1.1
Host: google.com
Proxy-Connection: keep-alive
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36 OPR/28.0.1750.51
DNT: 1
Accept-Encoding: gzip, deflate, lzma, sdch
Accept-Language: en-US,en;q=0.8
Cookie: PREF=ID=0168c274e46046ff:FF=0:LD=en:TM=1427909641:LM=1428321915:GM=1:S=HGTpo1ahuPUd4Nu2; SID=DQAAAPgAAACOH1NUVCRnVJfjL-W4MtbTmqx9yY1Wbra4LM7D8_uslXU_43zD4QrZl4eHqBuukNoKFw0gD68Vt7DltSgBrOoVRufDgeLImP8321g2-IxjmtqwjJoI9sSM3YEwC5ZvnTNyrwuHhBp-zZqImsaHshVmvt8GEV1WDFHs4OZ74g219CeKYztHKjsQLDS_yZ725qsIKWjvbb_NlnO5IqktZ0Q6JXIMRPzshZQvoq7ZiwH9RfiIASpHIiFC1XDwrMZDcbONpKCke2QxZtmxSPfUHXuBx53bJOZFHUrcAJAvihBAXoFwZHUr2beVtRuLe1w8blbt6AGTy9dT9gZ9nVjeSHzK; HSID=Aso16-EnwP4siCr5Q; APISID=DIHL_mSdprkZSELD/AjGWXXsjCWUT9FEuy; NID=67=DGyWJrkoHYqgDmpEMmQVlnzZQLlwGNTxbAZ8--PQeTPlZ4SbL3AbFNP40h0NOI3ztb_6SkDTHwGJonmESsToDR6Vkmur0VST-6k34xVvQM9FQH_PaoMrK8O6kT0Avd8FIITl7G7ERJbvbwWIsCuhIwZOR2cj2r6aCmnM27A
This is the Response i got :
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Location: http://www.google.co.in/?gfe_rd=cr&ei=Uhw7Vbe6H_PI8Ae_qICIBA
Content-Length: 261
Date: Sat, 25 Apr 2015 04:47:14 GMT
Server: GFE/2.0
Alternate-Protocol: 80:quic,p=1
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
here.
</BODY></HTML>
Is this because Google using HTTPS instead of HTTP. and it is trying to redirect the request...?
But how i should process this reply?
I send the same response to client. But no redirection is happening,
What should i do?
From the Location header in the Http Response, seems that Google detected that the call came from India and it's redirecting the call to Google India i.e. http://www.google.co.in/?gfe_rd=cr&ei=Uhw7Vbe6H_PI8Ae_qICIBA.
When you get a 302 response your client should react properly and follow the call to the Location header.
Sometimes it is an issue about ipv6 transaction against ipv4.
Try disable ipv6 in your server and reboot with:
echo net.ipv6.conf.all.disable_ipv6=1 > /etc/sysctl.d/disableipv6.conf
I've implemented a web application that takes advantage of CORS to gather JSON data from another server. The servers run on different subdomains. Everything seems implemented correctly, and it works fine with Chromium. Below is a copy of my requests, from Chromium.
My problem is that in Firefox (tested with 13.0.1), no request is ever made for my AJAX resource. No preflight request is ever sent, and no actual request is made. Instead, I get this error, from the XMLHttpRequest.send() function:
[21:40:27.546] uncaught exception: [Exception... "Access to restricted URI denied" code: "1012" nsresult: "0x805303f4 (NS_ERROR_DOM_BAD_URI)" location: "http://192.168.1.99:2502/static/mootools-core-1.4.5.js Line: 5398"]
I am using Mootools' Request.JSON object, which sets various extra headers, meaning that a preflight would indeed be required. However, it is never sent.
Unfortunately, JSONP is not an option, as the data is sensitive.
Does anyone have insight into what the problem could be?
Thanks very much.
Working example, from Chromium:
Preflight request:
OPTIONS /api/resource HTTP/1.1
Host: dev0.mydomain.com
Connection: keep-alive
Access-Control-Request-Method: GET
Origin: http://192.168.1.99:2502
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.19 (KHTML, like Gecko) Ubuntu/12.04 Chromium/18.0.1025.151 Chrome/18.0.1025.151 Safari/535.19
Access-Control-Request-Headers: origin, x-request, x-requested-with, accept
Accept: */*
Referer: http://192.168.1.99:2502/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: [redacted]
Preflight response:
HTTP/1.0 200 OK
Server: PasteWSGIServer/0.5 Python/2.7.3
Date: Fri, 29 Jun 2012 01:43:37 GMT
Content-Length: 0
Access-Control-Allow-Headers: Cookie, Origin, X-Request, X-Requested-With, Accept
Access-Control-Max-Age: 1
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://192.168.1.99:2502
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=UTF-8
"Real" request:
GET /api/resource HTTP/1.1
Host: dev0.mydomain.com
Connection: keep-alive
Origin: http://192.168.1.99:2502
X-Request: JSON
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.19 (KHTML, like Gecko) Ubuntu/12.04 Chromium/18.0.1025.151 Chrome/18.0.1025.151 Safari/535.19
Accept: application/json
Referer: http://192.168.1.99:2502/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: [redacted]
"Real" response:
HTTP/1.0 200 OK
Server: PasteWSGIServer/0.5 Python/2.7.3
Date: Fri, 29 Jun 2012 01:43:37 GMT
Access-Control-Allow-Origin: http://192.168.1.99:2502
Content-Type: text/html; charset=UTF-8
Content-Length: 22
Access-Control-Allow-Credentials: true
The answer is given in the comments to the question. Firefox was not sending the request due to the HTTP authentication username I had provided.