Python 无法在 Firefox 上建立 Websocket 安全连接
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/23775215/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Can not established Websocket secure connection on Firefox
提问by Fatih Karatana
I am stucked with Firefox. I could not make Websocket work on it. I use Tornado Websocket and I initialized it by code below:
我被 Firefox 困住了。我无法让 Websocket 在它上面工作。我使用 Tornado Websocket 并通过以下代码对其进行了初始化:
app = Application([(r'/mypath/ws', WSHandler)])
http_server = HTTPServer(app, ssl_options={
"certfile": "~/certs/websocket.crt",
"keyfile": "~/certs/websocket.key"
})
http_server.listen("443")
And I initialized it on Javascript side like this:
我像这样在 Javascript 端初始化它:
var WS = new WebSocket("wss://websocket.localhost/mypath/ws");
This code works fine on Chrome, meanwhile I created the cert by myself and run the page under HTTPS. But Firefox keeps saying that:
这段代码在 Chrome 上运行良好,同时我自己创建了证书并在 HTTPS 下运行页面。但是 Firefox 一直在说:
Firefox can't establish a connection to the server at wss://websocket.localhost/mypath/ws.
I google it and found too many thoughts but none of'em worked for me :(
我用谷歌搜索,发现了太多想法,但没有一个对我有用:(
Any help will be appreciated.
任何帮助将不胜感激。
采纳答案by Fatih Karatana
I solved my problem via ProxyPass. I created a non-secure Websocket server with Tornado and run it on a specific port such as 3232:
我通过 ProxyPass 解决了我的问题。我使用 Tornado 创建了一个非安全的 Websocket 服务器,并在特定端口(例如 3232)上运行它:
app = Application([(r'/ws/', WSHandler)])
ws_server = HTTPServer(app)
ws_server.listen("3232")
Then I've written a proxypass in my Apache conf and use mod_proxy_wstunnel:
然后我在我的 Apache conf 中写了一个 proxypass 并使用 mod_proxy_wstunnel:
ProxyPass /ws/ ws://127.0.0.1:3232/ws/
ProxyPassReverse /ws/ ws://127.0.0.1:3232/ws/
And I create Websocket client on frontend like this:
我在前端创建 Websocket 客户端,如下所示:
var WS = new WebSocket("wss://websocket.localhost:81/ws/")
In this case I can create a connection on a secure connection with https and my port is 81 and my proxypass redirect any Websocket request to locally listened port 3232. It is not a exact solution mostly like a workaround. But it works fine for me.
在这种情况下,我可以通过 https 的安全连接创建一个连接,我的端口是 81,我的 proxypass 将任何 Websocket 请求重定向到本地侦听的端口 3232。这不是一个确切的解决方案,主要是一种解决方法。但它对我来说很好。
回答by Ben Darnell
If it's a self-signed certificate, browsers won't show the dialog to accept the certificate if it's only used in a websocket. You must first visit a normal page on the same server to see and accept the certificate warning, and then you can create the secure websocket.
如果它是自签名证书,则浏览器不会显示接受该证书的对话框(如果它仅用于 websocket)。您必须首先访问同一服务器上的正常页面才能看到并接受证书警告,然后才能创建安全的 websocket。
回答by francadaval
I've solved this problem adding a certificate exception in Firefox's advanced preferences.
我已经解决了在 Firefox 的高级首选项中添加证书例外的问题。
回答by l0pan
Try to open this url https://websocket.localhost/mypath/wsin firefox and accept certificate first.
尝试在 Firefox 中打开此 url https://websocket.localhost/mypath/ws并首先接受证书。
回答by Tarocco
I was pulling my hair out over this one for a while. I was getting all kinds of cryptic error messages depending on different web browsers, that all made it sound like it was something about certificate exceptions. I had already made exceptions in Firefox and Chrome,
我在这个头发上拉了一段时间。根据不同的 Web 浏览器,我收到了各种神秘的错误消息,所有这些都使它听起来像是与证书异常有关。我已经在 Firefox 和 Chrome 中设置了例外,
It turned out I had a typo in my sub-protocol string in my Javascript!
原来我在我的 Javascript 的子协议字符串中有一个错字!
Correcting the sub-protocol string made everything better. More information on WebSockets and using sub-protocol(s): https://developer.mozilla.org/en-US/docs/Web/API/WebSocket
更正子协议字符串使一切变得更好。有关 WebSockets 和使用子协议的更多信息:https: //developer.mozilla.org/en-US/docs/Web/API/WebSocket
回答by Tarocco
If it's a self-signed certificate, browsers won't show the dialog to accept the certificate if it's only used in a websocket.
You must first visit the requested url to see and accept the certificate warning, and then you can create the secure websocket.
For example if your websocket url is:
wss://localhost:44300/OpenWebSocket
then visit:
https://localhost:44300/OpenWebSocket
and accept the certificate warning
如果它是自签名证书,则浏览器不会显示接受该证书的对话框(如果它仅用于 websocket)。
您必须首先访问请求的 url 以查看并接受证书警告,然后才能创建安全的 websocket。
例如,如果您的 websocket url 是:
wss://localhost:44300/OpenWebSocket
然后访问:
https://localhost:44300/OpenWebSocket
并接受证书警告
