Reputation: 183
Socket.io + Flask and frontend HTTPS reverse proxy & backend HTTP reverse proxy
so my client websockets can't connect to the webserver if I try to reach the website over https. Over http it works. My setup is the following:
I have a python socketio webserver and a http reverse proxy (the backend proxy) locally on that machine that passes the requests through. This works quite well.
Now I have a frontend https reverse proxy that passes the connection to the backend, at this point it breaks. The websockets fail to connect now. If my fronted proxy uses http it works again.
Client error message:
The connection to wss://frontend.example.com/socket.io/?EIO=3&transport=websocket&sid=92f50dc52f374c79baca0ecfd14f15b6 was interrupted while the page was loading.
I use the flask-socketio library and start the python application with:
app = f.Flask(__name__)
socketio = sockio.SocketIO(app)
socketio.run(app)
$ netstat -tulpen
tcp 0 0 127.0.0.1:5000 0.0.0.0:* LISTEN 1000 86048 5619/python3.7
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 0 115411 6903/nginx: master
Backend nginx conf:
server {
listen 0.0.0.0:80 ;
listen [::]:80 ;
server_name backend.example.com ;
location / {
proxy_pass http://127.0.0.1:5000;
}
location /socket.io {
proxy_pass http://127.0.0.1:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Accept-Encoding "";
}
}
Frontend nginx conf:
server {
listen 0.0.0.0:443 ssl http2 ;
listen [::]:443 ssl http2 ;
server_name frontend.example.com ;
location /.well-known/acme-challenge {
root /var/lib/acme/acme-challenge;
auth_basic off;
}
ssl_certificate /var/lib/acme/frontend.example.com/fullchain.pem;
ssl_certificate_key /var/lib/acme/frontend.example.com/key.pem;
ssl_trusted_certificate /var/lib/acme/frontend.example.com/full.pem;
location / {
set $nix_proxy_target "http://backend.example.com";
proxy_pass $nix_proxy_target;
}
location /socket.io {
set $nix_proxy_target "http://backend.example.com";
proxy_pass $nix_proxy_target;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Accept-Encoding "";
}
}
Upvotes: 0
Views: 1154
Answers (1)
Reputation: 183
So I found out that the error was caused by socketio itself because of its cross origin policy which was not set to the correct url.
The solution was to add the following:
socketio = sockio.SocketIO(
app, engineio_logger=DEBUG, cors_allowed_origins=["https://frontend.example.com"]
)
Upvotes: 0
Related Questions
- How to serve same endpoint via HTTP and Websocket in Flask?
- How do i run a flask_socketio application with ssl enabled?
- Flask-socketio issues with https, http, wss unable to connect in Heroku
- Handle Socket.IO requests through Nginx reverse proxy
- Secure communication between flask-socketio server and python-socketio
- How to establish websocket connection from angular-socketio to flask-socketio
- After implementation of nginx reverse-proxy Js Client connects with Flask socketio but doesn't receive any messages
- Websocket (socket.io) proxy with python flask and nodejs
- Flask - SocketIO hidden behind reverse proxy with Nginx
- python Flask socketio 404/400 from browser