Forwarding issue for Node 22 (SSL error for non-SSL local service)

[elliotcm]

Hi all,

I encountered an issue running smee-client under node 22, but this is really a heads-up as I see you don't have that version in your CI test matrix yet.

When using that node version, it seems fetch tries to connect via https even when the URL starts http://, I assume because of the X-Forwarded-Proto header, or similar. This then fails because the local service is usually listening via http only.

Switching down to node 18 fixed the issue for me so I'm fine with that, but it'll likely become an issue when you start supporting 22.

[AaronDewes]

Hi! I added CI for Node 22 in #296, and in general, the tests seem to pass. Can you provide some steps to reproduce this?

[elliotcm]

Hi @AaronDewes

These were the steps I took:

1. Install nodejs 22.0.0 via asdf (asdf install nodejs latest and asdf global nodejs latest)
2. npm install --global smee-client
3. Start a new channel in smee.io and point a Github App webhook at it
4. Start smee via smee -u https://smee.io/NDz6xO6dvLder0ca --path /webhooks/github (or providing full http://127.0.0.1:3000/webhooks/github URL via the -t option, same result)
5. Start a normal Rails 7 app on port 3000 (using Puma)
6. Incoming webhooks cause the Rails app to log complaining that I'm trying to open an HTTPS connection to HTTP-only Puma, and smee-client to log a "wrong version number" error

The smee-client error pointed to the fetch line in Client.onmessage. I went into the node_modules version of the client locally and logged some debug info; the target URL was correct, so I have to assume it's the forwarding headers causing it.

I did exactly the same steps with nodejs 18.18.0, and other than having to tell Rails to expect smee.io as a host (because that gets forwarded too), it worked fine.