How to make sure the websocket is secured
This may seem like an absurd question, and it probably is. I am using WebSocket-Node right now , but may switch to ws soon. Therefore, answers to both implementations are welcome.
I am opening a listener on port 8080 and waiting for a connection request. Immediately after accepting the request, I want to be sure the connection is secure (as in: use wss://
and reject idle ws://
).
Trivial code taken from the documentation:
wsServer.on('request', function(request) {
// TODO: produce this single bit
SSL_IS_ACTIVE = ?;
if (!SSL_IS_ACTIVE) {
request.reject(); // ws protocol used, I want wss!
return;
}
// ... proceed to process the request (authentication and so on)
}
It sounds simplest, I haven't found any documentation about it.
Should I stick to SSL port (443) or can I choose any port, eG with:
wss://localhost:8080/test
Is there a way to test the protocol and enough, eG something like the lines:
request.protocol === "wss"
-or-
request.uri.indexOf("wss://") === 0
It looks like I am missing something because it is not possible. I am the only one who has this problem: D
Any help is appreciated for both implementations (WebSocket- Node and ws)!
source to share
I feel like an easy way to ensure that no unsafe requests will support unsecured requests while building your server. Seems to WebSocket.Node
support secure servers. I would guess that ws
too. I think there should be a way to bind to only wss
for both projects.
from WebSocket.Node
looks like you can create a TLS server using:
TLS is supported for server connections (use https.createServer http.createServer instead)
from the docs: https://github.com/theturtle32/WebSocket-Node
source to share
From https://en.wikipedia.org/wiki/WebSocket
The WebSocket protocol specification defines two new URI schemes, ws: and wss:, for unencrypted and encrypted connections, respectively. In addition to the schema name and fragment (# not supported), the rest of the URI components are defined to use the generic URI syntax .
This way, you can specify ports in websocket URLs in the same way as you would for regular web links.
source to share