Cookie-based sticky sessions (reopen) #1159
Comments
|
Any updates on this? |
|
anyone ever solve this? |
|
@AndyGOBrien one workaround is to get your cookies from the server first and then open the socket connection specifying the const socket = io(url, {
extraHeaders: {
Cookie: cookiesString
}
})Docs: https://github.com/socketio/engine.io-client#nodejs-with-extraheaders |
|
@turpault there's an
|
darrachequesne
added
the
documentation
|
Yes, i got this to work. Thanks guys |
|
@AndyGOBrien were you doing this in browser or in node? i'm able to get it working in node, but in browser i'm unable to set the |
|
socket.io-client-v2.1.1 currently
at Webpack 3.11.0 / Mac 10.13.6 / Google Chrome 67.0.3396.87 |
BREAKING CHANGE: socket.io-client\s `extraHeaders` option **works only on nodejs** socketio/socket.io-client#1159
Any working example? Thanks |
|
Warning: The solution above does not handle AWSALB timeout. If the socket tries to reconnect after stickiness-timeout (i.e. 24hrs), it will throw |
I got same problem. any luck it got fixed already? |
|
@Seldonm @gabmontes @59naga any luck that anyone ever get a successful case with extraHeaders? |
|
Any update on this? There are load balancer that do work only with Cookie sticky session, like Traefik... |
|
For future readers: cookie-based session affinity is definitely supported I updated the documentation to make it clearer:
The latter should fix the initial issue with the // server
const io = require("socket.io")(httpServer, {
cors: {
origin: "https://front-domain.com",
methods: ["GET", "POST"],
credentials: true
}
});
// client
const io = require("socket.io-client");
const socket = io("https://server-domain.com", {
withCredentials: true
}); |
|
using // server // client it's throwing below error Failed to load http://localhost:9292/socket-api/?EIO=4&transport=polling&t=OW6kkXe: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin 'http://localhost:3001' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute. |
Our project is composed of a set of nodejs micro services, communicating through socket.io. Some of those micro services are running behind an amazon ALB load balancer. The only available session stickiness available to ALB target groups is cookie-based and the connections are allocated using a round-robin algorithm when the session cookie is not specified in the http request.
This effectively breaks the handshake protocol occurring when the socket.io connection is established, leading to the dreaded xhr poll error 400 response.
A workaround consists in disabling the xhr polling altogether in the client and only rely on the actual websocket. This is perfect in a controlled environment, but does not work when some of the services are developed and hosted by third parties.
Another hack also exists, which consists in overriding the base require('http').request function call, and issuing a pre-flight request in order to fetch those session cookies. Further http requests would then reinsert the cookies in the request. At best, I call that a hack.
See ALB Sticky Sessions
Another request for the same feature #775
The text was updated successfully, but these errors were encountered: