Question

我在数字海洋的Ubuntu Droplet上遇到了问题。我在域上使用代理反向配置。 SSL与certbot。我正在运行一个永远的套接字，但当我从javascript调用ip：7777时，我收到此错误：

WebSocket connection to 'wss://www.mydomain.tld/proxy' failed: Error during WebSocket handshake: Unexpected response code: 400

我使用直接ip：端口测试了http，并且我收到了相同的错误

WebSocket connection to 'ws://myip:7777' failed: Error during WebSocket handshake: Unexpected response code: 40 0

我在ngixn中对我的域的配置是：

server {
    listen      mypublicip:80;
    server_name mydomain.com www.mydomain.com;
    root        /home/admin/web/mydomain.com/public_html;
    index       index.php index.html index.htm;
    access_log  /var/log/nginx/domains/mydomain.com.log combined;
    access_log  /var/log/nginx/domains/mydomain.com.bytes bytes;
    error_log   /var/log/nginx/domains/mydomain.com.error.log error;

    location / {

        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
            expires     max;
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            if (!-f $document_root$fastcgi_script_name) {
                return  404;
            }

            fastcgi_pass    127.0.0.1:9002;
            fastcgi_index   index.php;
            include         /etc/nginx/fastcgi_params;
        }
    }

    error_page  403 /error/404.html;
    error_page  404 /error/404.html;
    error_page  500 502 503 504 /error/50x.html;

    location /error/ {
        alias   /home/admin/web/mydomain.com/document_errors/;
    }

    location ~* "/\.(htaccess|htpasswd)$" {
        deny    all;
        return  404;
    }

    location /vstats/ {
        alias   /home/admin/web/mydomain.com/stats/;
        include /home/admin/conf/web/mydomain.com.auth*;
    }

    include     /etc/nginx/conf.d/phpmyadmin.inc*;
    include     /etc/nginx/conf.d/phppgadmin.inc*;
    include     /etc/nginx/conf.d/webmail.inc*;

    include     /home/admin/conf/web/nginx.mydomain.com.conf*;
    listen 443 ssl; # managed by Certbot

    ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



    # Redirect non-https traffic to https
     if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    location /proxy {
       proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_pass http://127.0.0.1:7777/;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_next_upstream error timeout http_502 http_503 http_504;
    }
}

Answer 1

Webcoskcet hanshake reponse标题看起来像这样。

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Protocol://any additional protocols that reponse may have
Sec-WebSocket-Accept:// accept key

接受标头需要由服务器进行类型化，方法是先从请求标头中取出密钥，然后将字符串与字符串258EAFA5-E914-47DA-95CA-C5AB0DC85B11“连接起来。”然后获取此项的SHA-1哈希，然后编码它以base64编码。

WebSocket握手400

1 个答案: