WebSocket support #654

Open
meyertime opened this issue Dec 17, 2020 · 10 comments
@meyertime
Contributor

First of all, thanks for maintaining this internet filter. I am using it on my kids' laptops.

Long story short, I cannot figure out how to get WebSocket connections to work through the proxy. It's preventing the kids from getting on their Blackboard Collaborate lab sessions for school. My search included e2guardian, squid, and dansguardian, and I wasn't able to find anything. Maybe it's just not supported?

You can easily reproduce the problem by going to https://www.websocket.org/echo.html. Click Connect and then Send. You should see CONNECTED then the sent and received messages in the log box, but instead, I see an error and DISCONNECTED from the kid's laptop.

To give some background on my setup, I have e2guardian installed on the laptop hosted on port 8080 and set up for HTTPS. Environment variables are set to configure the system to proxy through the local e2guardian. Finally, the local firewall is set up to block outgoing internet access except from the e2guardian proxy. All of this is on Arch Linux. Everything works perfectly except WebSocket connections.

I have tried adding the domain to the exceptionsitelist, but it still won't work. I also tried setting Firefox's proxy settings manually, as I found a previous issue with Firefox that involved WebSocket not working when using system proxy settings, but it had no effect. I also tried setting the SOCKS proxy in Firefox. This caused a delay before seeing DISCONNECT, but the connection still failed.

Any ideas? I can also try to contribute if you can point me in the right direction. I write software for a living, including probably the largest-scale application of SignalR which maintains hundreds of thousands of WebSocket connections to push terabytes of live stock market updates every day over the open web, so I know a thing or two about WebSocket...

@philipianpearce
Contributor

Sorry for the delay in responding. I was waiting until I have some time to research this, but have not found the time.

My understanding is that websockets will work via an explicit proxy by doing a CONNECT call to the server. Is this correct? Adding a site to siteexceptionlist should then allow it through.

We would welcome your help with this. The best code to work with is v5.5.dev as this has much improved debugging options.

@philipianpearce
Contributor

Also, versions prior to v5.5 used a simplex tunneling method, which will be fine for HTTP traffic, but may cause issues with other protocols. In v5.5 this is replaced with a fully duplex non-blocking tunneling method which you may find performs better.

@meyertime
Contributor Author

Thanks for the response!

WebSocket works a little differently. It starts with a normal HTTP request and response, after which the connection is left open for socket-style communication. It takes advantage of the Upgrade header, which has been there since HTTP/1.1, in order to traverse old hardware and software. The Wikipedia article has a good example of what the exchange looks like under Protocol handshake.

Obviously, we would have a hard time filtering the real-time content once the WebSocket has been established, but the handshake HTTP request/response at least could go through normal filtering, and we could implement having a trusted set of sites or even URLs where WebSocket (or more general connection upgrades) would be allowed.
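The handshake-level policy proposed in the comment above, sketched as an added example that is not part of the thread and is not e2guardian code. The host name, the `TRUSTED_WS_HOSTS` allow-list, the function names and the sample messages are assumptions constructed for illustration; the check of `Sec-WebSocket-Accept` follows RFC 6455 and goes one step beyond what the comment describes.

```python
import base64
import hashlib

WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"   # fixed GUID from RFC 6455
TRUSTED_WS_HOSTS = {"echo.example.test"}            # hypothetical allow-list

# Constructed sample handshake (key/accept pair is the RFC 6455 example).
REQUEST = (b"GET /chat HTTP/1.1\r\nHost: echo.example.test\r\n"
           b"Upgrade: websocket\r\nConnection: keep-alive, Upgrade\r\n"
           b"Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==\r\n"
           b"Sec-WebSocket-Version: 13\r\n\r\n")
RESPONSE = (b"HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\n"
            b"Connection: Upgrade\r\n"
            b"Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=\r\n\r\n")

def parse_head(raw: bytes):
    """Return (start_line, headers) with header names lowercased."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    start, *lines = head.split("\r\n")
    headers = {}
    for line in lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return start, headers

def is_ws_upgrade(headers) -> bool:
    """Both headers are token lists; Firefox sends 'keep-alive, Upgrade'."""
    toks = lambda v: {t.strip().lower() for t in v.split(",")}
    return ("websocket" in toks(headers.get("upgrade", ""))
            and "upgrade" in toks(headers.get("connection", "")))

def expected_accept(key: str) -> str:
    """Value the server must echo: base64(SHA-1(key + GUID))."""
    digest = hashlib.sha1((key + WS_GUID).encode("ascii")).digest()
    return base64.b64encode(digest).decode("ascii")

def decide(request: bytes, response: bytes) -> str:
    """Filter the handshake as HTTP, then tunnel only for trusted hosts."""
    _, req = parse_head(request)
    if not is_ws_upgrade(req):
        return "filter-as-http"          # ordinary request, normal filtering
    host = req.get("host", "").split(":")[0].lower()  # strips a :port suffix
    if host not in TRUSTED_WS_HOSTS:
        return "deny-upgrade"
    status, resp = parse_head(response)
    parts = status.split()
    accept = expected_accept(req.get("sec-websocket-key", ""))
    ok = (len(parts) >= 2 and parts[1] == "101" and is_ws_upgrade(resp)
          and resp.get("sec-websocket-accept") == accept)
    return "tunnel" if ok else "deny-upgrade"
```

Once `decide` returns `"tunnel"`, the frames that follow are opaque to an HTTP content filter, which is why the allow-list decision has to be made on the handshake.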

@meyertime
Contributor Author

@philipianpearce Couple things:

I just noticed in your comments you mention version 5.5 might work better. It looks like 5.4 is the latest official release, and the Arch AUR package is still at 5.3. What's the best way for me to get 5.5 installed?

I'm also wondering about workarounds in the meantime. Previous versions of e2guardian/dansguardian used a third-party proxy (Squid, I believe?) but this was before I started using it. I never did figure out how to set it up along with Squid. Is that still possible instead of using the built-in proxy? I was thinking, if it was, I might be able to configure the proxy to bypass e2guardian for certain requests that require WebSocket. My other thought was to set up an entirely separate proxy between the client and e2guardian. (I have experience setting up reverse proxies like nginx, but not a forward proxy... 🤷‍♂️) Any thoughts would be appreciated. Thanks!

@meyertime
Contributor Author

Quick update: I found a workaround. So one problem was that the WebSocket connection was not actually going to e2guardian at all! Turns out when Firefox is using system proxy settings, it doesn't apply to WebSocket connections. I had the firewall configured to block direct connections that aren't through e2guardian (to prevent circumventing the proxy), and thus it blocked the WebSocket. I configured Firefox with manual proxy settings, and now WebSocket connections also go to the proxy. That's one mystery solved!

Once that was squared away, then having the site in exceptionsitelist worked, because e2guardian doesn't even decrypt the HTTPS traffic. However, it would still be nice to not require that in order for WebSockets to work. More and more sites are using it now, and without a fallback protocol. But in the meantime, at least I can get things working.

Finally, I'm still on version 5.3.4, because that's what's available in the Arch Linux AUR. It looks like there's a build issue, so I opened a couple PRs to address that. Then hopefully the AUR can get a more recent version.

@opoplawski
Contributor

Any possibility of supporting websockets without needing to be added to exceptionsitelist? Thanks.

@philipianpearce
Contributor

I will look at this for next release (v5.6).

@MDMCK10

MDMCK10 commented Jun 12, 2023

Any update on this?

@MDMCK10

MDMCK10 commented Apr 25, 2024

Is this still planned for v5.6?

@philipianpearce
Contributor

philipianpearce commented Apr 29, 2024 via email

@philipianpearce philipianpearce self-assigned this May 1, 2024