Hi Rainer, hi Mark,
Zitat von Rainer Jung <rainer.j...@kippdata.de>:
Hi Mark,
Am 08.02.2018 um 16:49 schrieb Mark Nenadov:
Hello, I have an operational setup where Apache httpd is proxying
secure websockets traffic to an Apache Tomcat server. In other
words, I'm using ProxyPass to pass traffic along to a WSS url.
I'm now having some issues trying to throw mod_headers into the
mix. I'm attempting to manipulate the "Upgrade" header like so in
my Apache httpd Virtual Host:
< LocationMatch "/somewhere" >
RequestHeader set Upgrade websocket
ProxyPass wss://192.168.1.77/some_url_on_tomcat
<http://192.168.1.77/some_url_on_tomcat>
< / LocationMatch >
So, supposing the client sends something funky for Upgrade like
"WebSocket" (as an older version of a certain websocket library
does), this RequestHeader directive should, by my understanding,
replace it with "websocket".
However, when I place %{Upgrade}i in both my Apache httpd and
Apache Tomcat access logs, I'm finding that the modified Upgrade
header appears only in my httpd access logs, Tomcat says it is
getting the original unmodified value!
This is rather perplexing to me as my understanding is that
RequestHeader should permanently alter that request header. The
Tomcat setup I have is very straightforward and there should be no
surprises there.
I've tried changing my RequestHeader usage to do an unset and add
I've also tried adding the "early" directive to the end of
RequestHeader, but that does not alter the behavior.
It sure seems like the problem is with how Apache httpd is passing
things along somehow, but my research hasn't come up with an answer
that explains it or offers a resolution. Am I missing something here?
Versions: Apache httpd 2.4.18 / Apache Tomcat 8.5.24
You are probably proxying with mod_proxy_wstunnel. It seems to me
that "Upgrade: WebSocket" is hard-coded in that module.
according to the docs, you can actually specify the protocol:
https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html :
"In fact the module can be used to upgrade to other protocols, you can
set the upgrade parameter in the ProxyPass directive to allow the
module to accept other protocol."
From https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxypass :
"Parameter "upgrade", default "WebSocket": Protocol accepted in the
Upgrade header by mod_proxy_wstunnel. See the documentation of this
module for more details."
So maybe setting "upgrade=websocket" as a ProxyPass parameter might
already achieve what Mark is looking for?
Regards
Jens
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org