javascript - Websockets in Firefox not working with several HTTPS pages -


i have websocket client-server application. here's client's simplified code:

const host = "wss://localhost:8000";  const sub_protocol= "sub-protocol";   var websocket = new websocket(host, sub_protocol);  websocket.onopen  = function(evt)   { ... }; websocket.onclose = function(evt)   { ... }; websocket.onerror = function(evt)   { ... }; websocket.onmessage = function(evt) { ... }; 

and here's server:

const port = 8000; const subprotocol = 'sub-protocol';  var websocketserver = require('websocket').server;  var https = require('https'); var fs = require('fs');  // private key , certification (self-signed now)  var options = {   key: fs.readfilesync('cert/server.key'),   cert: fs.readfilesync('cert/server.crt') };  var server = https.createserver(options, function(request, response) {     console.log((new date()) + ' received http(s) request ' + request.url);     response.writehead(404);     response.end(); });   // bind server object listen port number server.listen(port, function() {     console.log((new date()) + ' server listening on port ' + port); });  wsserver = new websocketserver({     httpserver: server,     // should not use autoacceptconnections production     // applications, defeats standard cross-origin protection     // facilities built protocol , browser.  should     // *always* verify connection's origin , decide whether or not     // accept it.     autoacceptconnections: false });   function originisallowed(origin) {   // put logic here detect whether specified origin allowed.   return true; }  // if autoacceptconnections set false, request event emitted // server whenever new websocket request made wsserver.on('request', function(request) {      if (!originisallowed(request.origin)) {       // make sure accept requests allowed origin       request.reject();       console.log((new date()) + ' connection origin ' + request.origin + ' rejected.');       return;     }      // accepts connection , return socket connection     var connection = request.accept(sub_protocol, request.origin);      console.log((new date()) + ' connection accepted.');      // when message received     connection.on('message', function(message) {          // echo         connection.send(connection, message.utf8data);      });       connection.on('close', function(reasoncode, description) {         console.log((new date()) + ' peer ' + connection.remoteaddress + ' disconnected.');     });  }); 

both client , server works expected https pages (tested on twitter, mail.ru,). reason doesn't example facebook or github.

in javascript console this:

exception { message: "", result: 2153644038, name: "", filename: "", linenumber: 0, columnnumber: 0, inner: null, data: null }

then huge stack trace follows: pasted here

and @ end:

content security policy: page's settings blocked loading of resource @ wss://localhost:8000/ ("connect-src https://github.com:443 https://ghconduit.com:25035 https://live.github.com:443 https://uploads.github.com:443 https://s3.amazonaws.com:443").

i don't see how these page differ pages, works. i'd point out, these pages works in chrome.

(tested in firefox 31)

the pages websocket connection fails have content-security-policy header connect-src directive set allow connections set of whitelisted domains. means connections page non-whitelisted domain fail.

its not clear how you're running code. seems possible chrome allows extensions bypass header restriction while firefox not, or effect.


Comments

Popular posts from this blog

Error while updating a record in APEX screen -

javascript - Jquery show_hide, what to add in order to make the page scroll to the bottom of the hidden field once button is clicked -

ios - Xcode 5 "No such file or directory" -