Skip to content

websocket problem when deployed behind nginx #767

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
lins05 opened this issue Dec 21, 2014 · 3 comments
Closed

websocket problem when deployed behind nginx #767

lins05 opened this issue Dec 21, 2014 · 3 comments

Comments

@lins05
Copy link

lins05 commented Dec 21, 2014

When drone is deployed behind nginx, the websocket support is broken even if nginx is configured as per http://readme.drone.io/setup/misc/nginx/

After some debugging, I found the problem is that gorilla/websocket library by default checks whether the Host header matches the Origin header, and return a 403 Forbidden when they don't match. When using nginx, the Origin header is the external url, and the Host header is the address drone is listening on, so they differ and the browser get a 403 for websocket requests.

The correspondent code is here .

A temporary hack is to set the origin header to an empty string in nginx configration, e.g:

    location /api/stream {
        proxy_pass http://127.0.0.1:8000;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;

        proxy_set_header Origin '';
    }

The above hack works for me, but I hope we can find a more elegant solution for this.
@bradrydzewski
Copy link

@lins05 thanks. I've updated the documentation accordingly:
http://readme.drone.io/setup/misc/nginx/

@lins05
Copy link
Author

lins05 commented Dec 28, 2014

@bradrydzewski thanks. But the sample nginx in that doc is not correct. We should not use the nginx location = directive. Please check drone/docs#26

@nelsonic nelsonic mentioned this issue Jul 20, 2017
Closed
@carlogilmar
Copy link

Recently we have the same problem for Phoenix Websockets behing ngnix and this solution was correct

bot-harness pushed a commit that referenced this issue Nov 6, 2023
@marko-gacesa
require latest source sha as param for the merge API (#767)
e731c0f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lins05 @bradrydzewski @carlogilmar