httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jens-U. Mozdzen" <>
Subject Re: [users@httpd] websocket header not passing a long with ProxyPass and mod_headers
Date Thu, 08 Feb 2018 16:36:06 GMT
Hi Rainer, hi Mark,

Zitat von Rainer Jung <>:
> Hi Mark,
> Am 08.02.2018 um 16:49 schrieb Mark Nenadov:
>> Hello, I have an operational setup where Apache httpd is proxying  
>> secure websockets traffic to an Apache Tomcat server. In other  
>> words, I'm using ProxyPass to pass traffic along to a WSS url.
>> I'm now having some issues trying to throw mod_headers into the  
>> mix. I'm attempting to manipulate the "Upgrade" header like so in  
>> my Apache httpd Virtual Host:
>> < LocationMatch "/somewhere" >
>>   RequestHeader set Upgrade websocket
>>   ProxyPass wss://  
>> <>
>> < / LocationMatch >
>> So, supposing the client sends something funky for Upgrade like  
>> "WebSocket" (as an older version of a certain websocket library  
>> does), this RequestHeader directive should, by my understanding,  
>> replace it with "websocket".
>> However, when I place %{Upgrade}i in both my Apache httpd and  
>> Apache Tomcat access logs, I'm finding that the modified Upgrade  
>> header appears only in my httpd access logs, Tomcat says it is  
>> getting the original unmodified value!
>> This is rather perplexing to me as my understanding is that  
>> RequestHeader should permanently alter that request header. The  
>> Tomcat setup I have is very straightforward and there should be no  
>> surprises there.
>> I've tried changing my RequestHeader usage to do an unset and add  
>> I've also tried adding the "early" directive to the end of  
>> RequestHeader, but that does not alter the behavior.
>> It sure seems like the problem is with how Apache httpd is passing  
>> things along somehow, but my research hasn't come up with an answer  
>> that explains it or offers a resolution. Am I missing something here?
>> Versions: Apache httpd 2.4.18 / Apache Tomcat 8.5.24
> You are probably proxying with mod_proxy_wstunnel. It seems to me  
> that "Upgrade: WebSocket" is hard-coded in that module.

according to the docs, you can actually specify the protocol: :

"In fact the module can be used to upgrade to other protocols, you can  
set the upgrade parameter in the ProxyPass directive to allow the  
module to accept other protocol."

 From :

"Parameter "upgrade", default "WebSocket": Protocol accepted in the  
Upgrade header by mod_proxy_wstunnel. See the documentation of this  
module for more details."

So maybe setting "upgrade=websocket" as a ProxyPass parameter might  
already achieve what Mark is looking for?


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message