Blog Archives

Why web sockets fail on http while succeed over https


I was in a mess and this is the blog which gave me clue out of it.
I had created two simple examples of websocket implementation using yet to realease spring 4 support for websockets.
I tested it from home and all well and good (no issues).
Next day I tried to demo it in my team –and the HTTP version failed, but to surprise the HTTPS was still good and saved my day!
I realized that I have not done my homework properly –rather impressed by simplicity of spring, have rushed in implementation. While searching for the issue I stumbled on the above article –it turns out that “Automatic Proxy” at office network was culprit. Here is the story

  1. We have “automatic proxy ” at work place –meaning no explicit IP or script in proxy tab in browser setting, once on network, transparent proxies are used.
  2. For HTTP :: Since browser was not aware of any explicit proxy, it addressed the Web socket server and while passing through the transparent proxy, required headers were removed. Websocket is an http upgrade (communicated via certain header, above article have all the details) -since headers were removed, the end server could not make sense of it and treated as simple HTTP
  3. For HTTPS :: Again browser was not aware of proxy, but since data was encrypted –proxy did not tampered the header and request went through to the actual server -since headers were still there all went good and fine!
  4. Spring web socket client (Sockjs) was smart enough to switch to WSS when I used HTTPS –which I did not realize at first shot. Lesson learned -test stuff behind proxy, firewalls even if it is an internal demo 🙂

In actual scenario –in any of corporate deployment, it’s going to be a HTTPS, so seems that web socket have a very good story there!

Load balancer for Web Sockets


I am working on a implementation which requires using websockets with failover to comet. Web socket is an upgrade protocol to HTTP, and once established the connection remains open between server and client. Typical HTPP load balancers will not work – so what is the solution.
I did some research on loadbalancer with specific support for Websockets –it turns out that HAPROX is the most reliable and widely used open source option. Other option is NgNix, having community version as well as paid model –but community version lacks active support.

Apache has also released it’s module for websockets, but reviews are not as good as HAPROXY. A good comparison and discussion around these three is available in this post.

The “Greatest Limitation” of HAPROXY –it does not have a build for windows.
It can be worked out for testing with cygwin on windows -but for any production deployment, it has to be a linux machine.