Bug 1313395 - Unable to obtain user-agent or client IP in websocket handshake on OpenShift hosted WildFly [NEEDINFO]
Unable to obtain user-agent or client IP in websocket handshake on OpenShift ...
Status: CLOSED WONTFIX
Product: OpenShift Online
Classification: Red Hat
Component: Routing (Show other bugs)
2.x
Unspecified Unspecified
low Severity low
: ---
: ---
Assigned To: Rory Thrasher
zhaozhanqi
:
: 1369533 (view as bug list)
Depends On:
Blocks: 1361306
  Show dependency treegraph
 
Reported: 2016-03-01 09:24 EST by Jaspreet Kaur
Modified: 2017-05-31 14:22 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1361306 (view as bug list)
Environment:
Last Closed: 2017-05-31 14:22:11 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
erich: needinfo? (agrimm)
erich: needinfo? (jkaur)
erich: needinfo? (jkaur)


Attachments (Terms of Use)

  None (edit)
Description Jaspreet Kaur 2016-03-01 09:24:35 EST
Description of problem:


I have created an annotated web socket endpoint in my application (@ServerEndpoint).  It uses a ServerEndpointConfig.Configurator via the configurator of the annotation.  In my modifyHandshake method of the configurator I can access various headers.  However, neither the user-agent nor x-forwarded-for headers are available. What is preventing to get those headers

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. The code that is being used is as below :

package map.peersockets;

import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;

import javax.servlet.http.HttpSession;
import javax.websocket.HandshakeResponse;
import javax.websocket.server.HandshakeRequest;
import javax.websocket.server.ServerEndpointConfig;

public class ServletAwareConfig extends ServerEndpointConfig.Configurator {

    @Override
    public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest request, HandshakeResponse response) {
    	try{
	    	Logger.getLogger(BinaryWebSocketServer.class.getName()).log(Level.INFO, "Headers:" + request.getHeaders().toString());
	    	Logger.getLogger(BinaryWebSocketServer.class.getName()).log(Level.INFO, "Headers:" + response.getHeaders().toString());
	    	if (request.getHeaders().containsKey("user-agent")) {
	    		config.getUserProperties().put("user-agent", request.getHeaders().get("user-agent").get(0)); 
	        }
	    	if (request.getHeaders().containsKey("x-client-ip")) {
	    		config.getUserProperties().put("origin", request.getHeaders().get("x-client-ip").get(0)); 
	        }
	    } catch (Exception ex) {
		      Logger.getLogger(BinaryWebSocketServer.class.getName()).log(Level.SEVERE, ex.getMessage(), ex);
		    }
	    }

}



2. logs showing all the headers :

2016-02-29 09:26:07,469 INFO  [map.peersockets.BinaryWebSocketServer] (default task-58) Headers:{Connection=[Upgrade], Host=[127.11.128.129:8080], Sec-WebSocket-Key=[MTMtMTQ1Njc1NTk2NzQwMw==], Sec-Websocket-Protocol=[my-protocol], Sec-WebSocket-Version=[13], Upgrade=[websocket]}
2016-02-29 09:26:07,469 INFO  [map.peersockets.BinaryWebSocketServer] (default task-58) Headers:{Connection=[Upgrade], Content-Length=[0], Sec-WebSocket-Accept=[bzLe7pkjwcds8UOYr7F+RxlY8SA=], Sec-WebSocket-Location=[ws://127.11.128.129:8080/sockets], Server=[WildFly/8], Upgrade=[WebSocket], X-Powered-By=[Undertow/1]}
3.

Actual results:

user-agent or client IP headers are missed from headers

Expected results:

user-agent or client IP  should be seen


Additional info:
Comment 3 Andy Grimm 2016-03-11 15:22:59 EST
I have confirmed that the websocket upgrade headers are set here:

https://github.com/openshift/origin-server/blob/master/node-proxy/lib/proxy/ProxyServer.js#L458-L469

As you can see, the upgrade request headers are not inherited, which is why user-agent is not showing up, and the X-Forwarded-For and X-Client-IP headers are not being set.  We probably want something like:

var zheaders = { 'headers': {}};

zheaders.headers['user-agent'] = upgrade_req.headers['user-agent'];

/*  Set X-Forwarded-For HTTP extension header.  */
var xff = upgrade_req.connection.remoteAddress  ||
          upgrade_req.socket.remoteAddress;
zheaders.headers['X-Forwarded-For'] = xff;

/*  Set X-Client-IP HTTP extension header.      */
zheaders.headers['X-Client-IP'] = xff;
 
/* Pass down the cookie, if any */
...
Comment 4 Andy Grimm 2016-03-23 09:28:19 EDT
master PR: https://github.com/openshift/origin-server/pull/6373
Comment 5 openshift-github-bot 2016-04-04 17:08:49 EDT
Commit pushed to master at https://github.com/openshift/origin-server

https://github.com/openshift/origin-server/commit/bc5f3cc93a9df3c165b0c6490819c30bfbff585e
Bug 1313395 - Forward several headers in websocket upgrade requests
Comment 10 Rory Thrasher 2016-08-26 16:02:51 EDT
*** Bug 1369533 has been marked as a duplicate of this bug. ***
Comment 11 Rory Thrasher 2016-08-26 16:05:51 EDT
QA, the same instructions for the enterprise version can be used to test this.

Please follow the below steps to test the fix for this bug:

1) Create a diy application using the application code found at https://github.com/tiwillia/SimpleDIYPrintHeaders.git

  $ rhc app-create websockettest diy --from-code https://github.com/tiwillia/SimpleDIYPrintHeaders.git
  [...]
    URL:        http://websockettest1-tiwillia.dev.rhcloud.com/
  [...]

2) Create a websocket connection to the application on port 8000. You can do this any way you'd like, but I found this to be the easiest:

  4a) Install and use the wscat tool:

  $ npm install wscat
  $ ~/node_modules/wscat/bin/wscat --connect ws://websockettest1-tiwillia.dev.rhcloud.com

  OR

  4b) Copy the following into a file on your local machine and open the file in your browser of choice:

  <!doctype html>
  <html lang="en">
  <head>
    <title>Websocket Client</title>
  </head>
  <body>
    <script>
        console.log("I'm trying to connect!");
      var exampleSocket = new WebSocket("ws://websockettest1-tiwillia.dev.rhcloud.com:8000");
      exampleSocket.onopen = function (event) {
        console.log("Connected!");
      };
    </script>
  </body>
  </html>

3) `rhc tail` the logs of the app as the connection is made or view the logs afterwards. The headers the application receives during the inital connection will be printed to the application logs. Verify that the user-agent, X-Forwarded-For, and X-Client-IP headers are recorded in the logs.

Please let us know if there are any questions.
Comment 12 zhaozhanqi 2016-12-06 00:52:50 EST
QE tried to verify this bug on devenv_5831.

but met issue in step:

# rhc app show websockettest
websockettest @ http://websockettest-dma.dev.rhcloud.com/ (uuid: 58462e52ee4a68062f000017)
------------------------------------------------------------------------------------------
  Domain:          dma
  Created:         Dec 05 10:19 PM
  Gears:           1 (defaults to small)
  Git URL:         ssh://58462e52ee4a68062f000017@websockettest-dma.dev.rhcloud.com/~/git/websockettest.git/
  Initial Git URL: https://github.com/tiwillia/SimpleDIYPrintHeaders.git
  SSH:             58462e52ee4a68062f000017@websockettest-dma.dev.rhcloud.com
  Deployment:      auto (on git push)

  diy-0.1 (Do-It-Yourself 0.1)
  ----------------------------
    Gears: 1 small


# ~/node_modules/wscat/bin/wscat --connect ws://websockettest-dma.dev.rhcloud.com/
error: Error: unexpected server response (502)

Could you help on this? thanks.
Comment 13 Eric Paris 2017-05-31 14:22:11 EDT
We apologize, however, we do not plan to address this report at this time. The majority of our active development is for the v3 version of OpenShift. If you would like for Red Hat to reconsider this decision, please reach out to your support representative. We are very sorry for any inconvenience this may cause.

Note You need to log in before you can comment on or make changes to this bug.