You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Expected Result:
The connection would succeed and I would receive the expected WebSocket message, in the same manner as the tool wscat, invoked as per the following (and run from the same PC/IP address):
Actual Result:
My connection is disconnected with the error: Invalid handshake response getStatus: 403 Forbidden, which results from Cloudflare dropping the connection with a HTTP 403 / Cloudflare 1020.
Additionally:
The existing code works correctly if I instead try to connect to wss://api.kashall.dev/socket, which the author @kashalls has told me is written in NodeJS and is also behind Cloudflare. So my primary concern is if behind the scenes something odd is done that would result in such behaviour.
Requests (captured from Wireshark)
Successful (with wscat, it actually returns 301, because for testing I did this over http):
Thank you for the detailed report, that's very useful! Maybe I need a separate issue label for websockets, the bugs are always so nasty >_>.
In this case, it looks to be an instance of netty/netty#9673. I think the easiest thing to do here is subclass WebSocketClientHandshaker13, override newHandshakeRequest and then remove the Origin header from the request if it's not present in the user-supplied custom headers.
Will have a look at that this evening. Should be easy, just unfortunate it needs to be done at all!
Minecraft Version
1.19.x
Version
1.100.10
Details
Logs:
latest.log
debug.log
Root Cause
I've found out by fiddling with curl that this is caused by ComputerCraft/Netty adding an origin header to the request.
Action Performed:
I tried connecting to the Discord Gateway API using
http.websocket(url, headers)
The Lua code for which was:
Expected Result:
The connection would succeed and I would receive the expected WebSocket message, in the same manner as the tool
wscat
, invoked as per the following (and run from the same PC/IP address):Actual Result:
My connection is disconnected with the error:
Invalid handshake response getStatus: 403 Forbidden
, which results from Cloudflare dropping the connection with a HTTP 403 / Cloudflare 1020.Additionally:
The existing code works correctly if I instead try to connect to
wss://api.kashall.dev/socket
, which the author @kashalls has told me is written in NodeJS and is also behind Cloudflare. So my primary concern is if behind the scenes something odd is done that would result in such behaviour.Requests (captured from Wireshark)
Successful (with
wscat
, it actually returns 301, because for testing I did this over http):Unsuccessful (ComputerCraft):
The text was updated successfully, but these errors were encountered: