admin管理员组文章数量:1336408
Body: I am implementing a WebSocket proxy and encountered two distinct approaches. Each has its challenges, particularly around handshake management and header handling.
Approach 1: This approach directly forwards the WebSocket handshake and data between the client and server
func serveWebsocket(w http.ResponseWriter, r *http.Request) {
tlsConfig := &tls.Config{
InsecureSkipVerify: false,
.... // certs and all
}
targetConn, err := tls.Dial("tcp", r.URL.Host, tlsConfig)
if err != nil {
log.Printf("Error connecting to target via TLS: %v", err)
return
}
defer targetConn.Close()
hj, ok := w.(http.Hijacker)
if !ok {
log.Printf("Server doesn't support connection hijacking")
return
}
clientConn, _, err := hj.Hijack()
if err != nil {
log.Printf("Error hijacking connection: %v", err)
return
}
defer clientConn.Close()
// Perform handshake manually and proxy data
if err := proxyHandshake(clientConn, targetConn, r); err != nil {
log.Printf("Error during handshake: %v", err)
return
}
go io.Copy(targetConn, clientConn)
go io.Copy(clientConn, targetConn)
}
Approach 2: Dual Connection with Library (coder/websocket)
This approach creates separate WebSocket connections between client <-> proxy and proxy <-> server:
func handleWebSocketConnection(w http.ResponseWriter, r *http.Request) {
clientConn, err := websocket.Accept(w, r, nil)
if err != nil {
log.Printf("Failed to accept WebSocket connection: %v", err)
return
}
defer clientConn.Close(200, "Client disconnected")
tlsConfig := &tls.Config{
InsecureSkipVerify: false,
... // certs and all
}
httpClient := &http.Client{
Transport: &http.Transport{
TLSClientConfig: tlsConfig,
},
}
targetConn, _, err := websocket.Dial(r.Context(), "wss://example", &websocket.DialOptions{
HTTPClient: httpClient,
})
if err != nil {
log.Printf("Failed to connect to target server via TLS: %v", err)
return
}
defer targetConn.Close(200, "Target disconnected")
go io.Copy((clientConn, targetConn)
go io.Copy(targetConn, clientConn)
...
}
Problem In Approach 2, where two separate WebSocket connections are created:
- How should I handle the headers and other metadata from the client's request to ensure the server receives all required information? I did find this .5.1 which gives some information regarding the headers we are supposed to remove at proxy.
- What are the best practices to forward or modify headers to mimic the behavior of a proxy without losing data integrity?
Additional Context In Approach 1, headers are automatically passed as part of the handshake because the proxy is forwarding the handshake directly. However, in Approach 2, since the library handles the handshake, the proxy needs to replicate the headers manually during the server connection setup.
Also, When someone refers to a "WebSocket proxy" implementation, are they typically referring to an implementation:
- where the handshake is directly forwarded between the client and server (like in Approach 1 above)?
- or a dual connection setup where the proxy acts as an intermediary with separate connections to the client and server (like in Approach 2)?
本文标签: goHandling Proxy How to Avoid Issues with Headers in Dual Connection SetupStack Overflow
版权声明:本文标题:go - Handling Proxy: How to Avoid Issues with Headers in Dual Connection Setup? - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742404502a2468544.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论