1

I use nginx as proxy of my WebSocket traffic and it works great. One of my apps has a requirement to use STOMP, for that I have chosen STOMP js library, which tries to negotiate a protocol via Sec-WebSocket-Protocol header but I have troubles adding this header in the nginx response.

nginx version: nginx/1.6.2

Below is my server block:

server {
  listen 80;
  server_name mware.example.com;

  client_max_body_size 100M;
  keepalive_timeout 5;

  root /srv/applications;
  autoindex off;

  location / {
    # WebSocket
    location = /ws {
      proxy_read_timeout 10m;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_pass http://127.0.0.1:8000/;
      proxy_redirect  http://127.0.0.1:8000/ /;

      # Custom headers
      proxy_set_header  Host            $host;
      proxy_set_header  X-Real-IP       $remote_addr;
      proxy_set_header  REMOTE_PORT     $remote_port;
      proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;

      #add_header    Sec-WebSocket-Protocol  $http_sec_websocket_protocol;
      add_header    Sec-WebSocket-Protocol  'v10.stomp, v11.stomp';
    }
  }
}

So tried adding the header via $http_sec_websocket_protocol variable as well as literally specifying it, none of this worked for me. Below is the packet capture on the localhost.

Packet sent:

T 10.3.2.100:36798 -> y.y.y.y:80 [AP]
GET /ws HTTP/1.1.
Host: mware.example.com.
Connection: Upgrade.
Pragma: no-cache.
Cache-Control: no-cache.
Upgrade: websocket.
Origin: file://.
Sec-WebSocket-Version: 13.
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36.
Accept-Encoding: gzip, deflate, sdch.
Accept-Language: en-US,en;q=0.8.
Cookie: __utma=82131859.1920436741.1415282304.1421757291.1421760088.10; session_id_api=x.x.x.x-87eeca97-c6db-4010-bef8-f4875a6feb52; session_id_portal=x.x.x.x-ace62281-2446-4708-aa9d-4390eb41e02a.
Sec-WebSocket-Key: bGN7hB4fw7/JuF6A5vSf6A==.
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits.
Sec-WebSocket-Protocol: v10.stomp, v11.stomp.

Nginx response:

T y.y.y.y:80 -> 10.3.2.100:36798 [AP]
HTTP/1.1 101 Switching Protocols.
Server: nginx/1.6.2.
Date: Tue, 17 Nov 2015 09:35:18 GMT.
Connection: upgrade.
Upgrade: websocket.
Sec-WebSocket-Accept: D34d7GBjjQkSC8jrjpixNmMxDMc=.

You can see that Sec-WebSocket-Protocol header is missing.

On the application level I receive properly formatted packet by nginx, with custom headers added, etc.

Upgrade: websocket
Connection: upgrade
Host: mware.example.com
X-Real-IP: x.x.x.x
REMOTE_PORT: 36798
X-Forwarded-For: x.x.x.x
Pragma: no-cache
Cache-Control: no-cache
Origin: file://
Sec-WebSocket-Version: 13
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cookie: __utma=82131859.1920436741.1415282304.1421757291.1421760088.10; session_id_api=x.x.x.x-87eeca97-c6db-4010-bef8-f4875a6feb52; session_id_portal=x.x.x.x-ace62281-2446-4708-aa9d-4390eb41e02a
Sec-WebSocket-Key: bGN7hB4fw7/JuF6A5vSf6A==
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Sec-WebSocket-Protocol: v10.stomp, v11.stomp
Improve this question

1 Answer 1

Reset to default
2

http://nginx.org/r/add_header

Adds the specified field to a response header provided that the response code equals 200, 201, 204, 206, 301, 302, 303, 304, or 307. A value can contain variables.

You response with 101 code.

Since version 1.7.5 there is always flag, but you use older version. Also you could consider to use third-party module like headers_more or lua.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.