[
https://issues.apache.org/jira/browse/MYFACES-4720?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18056584#comment-18056584
]
Werner Punz edited comment on MYFACES-4720 at 2/5/26 7:06 AM:
--------------------------------------------------------------
I rechecked the issue, this was a configuration issue on the glassfish side!
The code is basically dead code by now, because the url is supposed to have the
proper protocol in! For me it is a little bit unclear here whether we should
remove it for now, the code is expected to have the proper url, but is this
really true for all versions which support websocket? I would mark the code in
the new codebase (for now not in myfaces but with the next commit) for
deprecation but won´t remove it until it is clear that it is save to remove it
for all versions. I do not want to have a code split on the new and old code
over this issue!
I have added a marker in the codebase so with the next major fix it will land
in myfaces, and will close it for now, in the best circumstances this is dead
code, in the worst case it wont do anything wong (http becomes ws and https
becomes wss, it just would fail in a misconfiguration scenario where no prefix
comes from the implementation and/or the server expects mixed content, but the
concrete case pointed out showed that mojarra set the protocol from the server
side but the reverse proxy was misconfigured the js code did not do anything
wrong)
was (Author: werpu):
I rechecked the issue, this was a configuration issue on the glassfish side!
The code is basically dead code by now, because the url is supposed to have the
proper protocol in! For me it is a little bit unclear here whether we should
remove it for now, the code is expected to have the proper url, but is this
really true for all versions which support websocket? I would mark the code in
the new codebase (for now not in myfaces but with the next commit) for
deprecation but won´t remove it until it is clear that it is save to remove it
for all versions. I do not want to have a code split on the new and old code
over this issue!
I have added a marker in the codebase and will close it for now, in the best
circumstances this is dead code, in the worst case it wont do anything wong
(http becomes ws and https becomes wss, it just would fail in a
misconfiguration scenario where no prefix comes from the implementation and/or
the server expects mixed content, but the concrete case pointed out showed that
mojarra set the protocol from the server side but the reverse proxy was
misconfigured the js code did not do anything wrong)
> WebSocket secure protocol
> -------------------------
>
> Key: MYFACES-4720
> URL: https://issues.apache.org/jira/browse/MYFACES-4720
> Project: MyFaces Core
> Issue Type: Bug
> Components: General
> Affects Versions: 4.0.3, 4.1.1
> Reporter: Melloware
> Assignee: Werner Punz
> Priority: Major
>
> [~werpu] this was reported at Mojarra:
> https://github.com/eclipse-ee4j/mojarra/issues/5578
> I believe MyFaces has the same issue in PushImpl.ts found here
> {code:javascript}
> export module PushImpl {
> const URL_PROTOCOL = DQ.global().location.protocol.replace("http", "ws")
> + "//";
> {code}
> What are your thoughts?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
