Proxy middelware - No TLS(https) support for Websocket

[Harish09]

Discussed in #2199

^{Originally posted by Harish09 June 9, 2022}
Using Proxy middleware to proxy requests to a web server to multiple other services. Have configured the transport layer to support TLS for the proxy requests. But websocket TLS (wss://) requests are being proxied as requests without TLS (ws://) due to this code snippet in proxy.go

// Proxy switch { case c.IsWebSocket(): proxyRaw(tgt, c).ServeHTTP(res, req) case req.Header.Get(echo.HeaderAccept) == "text/event-stream": default: proxyHTTP(tgt, c, config).ServeHTTP(res, req) }

Is there a way to supply ProxyConfig to the websocket requests as well, so that the transport layer can be customised for TLS ?

[MatthiasWerning]

Bumping this, as I ran into this problem right now as well. As far as I examined the standard golang reverse proxy lib, there is a handler for WebSocket upgrades as well, so why not use that, instead of trying copying IO the raw way?

[MatthiasWerning]

Okay, just made an own proxy middleware copying the current implementation minus the extra raw handler for websockets. Works for secure WebSockets. Didn't test it for unencrypted connections though.

[aldas]

@MatthiasWerning are you interested in creating PR for it?

[MatthiasWerning]

@aldas Sorry for responding late, I was a bit busy the recent days. I'm already creating a PR right now.

However, for a unit test, that would require a server that upgrades your connection to a websocket and then test basic functionality. Upgrading and handling of messages is of course a bit more complicated when done manually and the well known gorilla/websocket library would simplify handling. That would require another dependency in the go.mod though.

The current implementation however doesn't have any unit tests regarding web socket functionality anyway so I could skip that if wished.