Custom Response Headers are not set for WSS:// request

yanz67 · August 13, 2019, 3:41pm

I am working on setting up Traefik to route to an application that uses websockets. The routing is working in some cases and if a user is behind a HTTPS proxy then I am seeing 403 BlockWebsockets error. I am not sure if user's proxy is blocking the request but the same user is able to use another application that is behind nginx that uses websockets with out any issues.

I saw a suggestion to set CORS headers on the response which I am trying to do and I am able to set headers on the https response but not on WSS
These are the labels from the docker-compose file

          traefik.frontend.entryPoints: "https"
          traefik.frontend.headers.customResponseHeaders: "Access-Control-Allow-Methods:GET, POST, OPTIONS, PUT||Access-Control-Allow-Origin:*"

The wss response is:

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade

with out the custom response headers. Is there anything specific to WSS i have to set to enable CORS on wss response.

Thank you,

Yan

daniel.tomcej · August 14, 2019, 2:36pm

Hello @yanz67,

Can you please provide us with your Traefik configuration, and the full set of labels on the container in question?

Websocket responses should not be treated any differently in regards to custom header addition.

If you have the dashboard enabled, does it show the custom headers in the frontend created for your container?

yanz67 · August 14, 2019, 3:49pm

Hi @daniel.tomcej,

Thank your for the response.

Here is the traefik.toml

insecureSkipVerify= true
[global]
  checkNewVersion = true
  sendAnonymousUsage = true
 defaultEntryPoints = ["http", "https"]

[entryPoints]
  [entryPoints.https]
  address = ":443"
    [entryPoints.https.tls]
[acme]
  email = "myemail@email.com"
  caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
  storage = "acme.json"
  entryPoint = "https"
  onHostRule = true
    [acme.tlsChallenge]

     [entryPoints.https.auth.forward]
        address = "https://traefik-idc"
      [entryPoints.https.auth.forward.tls]
        insecureSkipVerify = true

Here is the label's from docker compose file

    labels:
      - "traefik.backend=coder"
      - "traefik.frontend.rule=Host:myhost.com;PathPrefixStrip:/vscode/"
      - "traefik.frontend.entryPoints=https"
      - "traefik.frontend.headers.customResponseHeaders=Access-Control-Allow-Methods:GET, POST, OPTIONS, PUT||Access-Control-Allow-Origin:*"

I check the dashboard and Custom Response Headers are part of the front end configuration

I checked it again and the response headers are set properly on all the HTTPS request but not WSS
Let me know if you need any other information.

All the best,

Yan

Topic		Replies	Views
Websocket problems Traefik v2 (latest) docker	4	10702	November 17, 2022
Websockets endpoint troubleshoot Traefik v1 docker	2	1146	February 2, 2022
Help wanted: HTTPS redirection with custom ports Traefik v2 (latest) docker , middleware	3	3948	February 1, 2021
Secure websocket connection to SpringBoot fails with 403 if behind Traefik Traefik v2 (latest) docker	1	554	February 11, 2022
Routing HTTP and WebSocket to different ports Traefik v2 (latest) docker	5	3103	August 31, 2022

Custom Response Headers are not set for WSS:// request

Related Topics