Socket.io + Flask和前端HTTPS反向代理和后端HTTP反向代理

时间:2019-12-22 19:09:28

标签: nginx flask socket.io reverse-proxy flask-socketio

因此,如果我尝试通过https访问网站,则我的客户端websocket无法连接到Web服务器。通过http它有效。我的设置如下:

我在传递请求的那台机器上本地有一个python socketio Web服务器和一个http反向代理(后端代理)。效果很好。

现在我有一个前端https反向代理,它将连接传递给后端,此时它断开了。 WebSocket现在无法连接。如果我的前端代理使用http,它将再次起作用。

客户端错误消息:

The connection to wss://frontend.example.com/socket.io/?EIO=3&transport=websocket&sid=92f50dc52f374c79baca0ecfd14f15b6 was interrupted while the page was loading.

我使用flask-socketio库并使用以下命令启动python应用程序:

app = f.Flask(__name__)
socketio = sockio.SocketIO(app)
socketio.run(app)

$ netstat -tulpen
tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN      1000       86048      5619/python3.7      
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      0          115411     6903/nginx: master

后端nginx conf:

 server {
    listen 0.0.0.0:80 ;
    listen [::]:80 ;
    server_name backend.example.com ;
    location / {
            proxy_pass http://127.0.0.1:5000;

    }
    location /socket.io {
        proxy_pass http://127.0.0.1:5000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_set_header        X-Forwarded-Host $host;
        proxy_set_header        X-Forwarded-Server $host;
        proxy_set_header        Accept-Encoding "";
    }
}

前端nginx conf:

server {
        listen 0.0.0.0:443 ssl http2 ;
        listen [::]:443 ssl http2 ;
        server_name frontend.example.com ;
        location /.well-known/acme-challenge {
                root /var/lib/acme/acme-challenge;
                auth_basic off;
        }
        ssl_certificate /var/lib/acme/frontend.example.com/fullchain.pem;
        ssl_certificate_key /var/lib/acme/frontend.example.com/key.pem;
        ssl_trusted_certificate /var/lib/acme/frontend.example.com/full.pem;
        location / {
                set $nix_proxy_target "http://backend.example.com";
                proxy_pass $nix_proxy_target;
        }
        location /socket.io {
                set $nix_proxy_target "http://backend.example.com";
                proxy_pass $nix_proxy_target;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_set_header        Host $host;
                proxy_set_header        X-Real-IP $remote_addr;
                proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header        X-Forwarded-Proto $scheme;
                proxy_set_header        X-Forwarded-Host $host;
                proxy_set_header        X-Forwarded-Server $host;
                proxy_set_header        Accept-Encoding "";
        }
    }

1 个答案:

答案 0 :(得分:0)

所以我发现错误是由socketio本身引起的,因为它的跨源策略未设置为正确的url。

解决方案是添加以下内容:

socketio = sockio.SocketIO(
    app, engineio_logger=DEBUG, cors_allowed_origins=["https://frontend.example.com"]
)
相关问题
最新问题