Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 313336

Summary: Websocket handshaking fails if ssl is used.
Product: [RT] Jetty Reporter: Juhani Pakanen <junnu187>
Component: serverAssignee: Greg Wilkins <gregw>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: P3 CC: jetty-inbox
Version: unspecified   
Target Milestone: 7.0.2.RC0   
Hardware: All   
OS: All   
Whiteboard:

Description Juhani Pakanen CLA 2010-05-18 08:47:06 EDT 
Build Identifier: 8.0.0.M1

The handshaking of the websocket connection with ssl is not working correctly in Jetty. The reason is that there is a hardcoded websocket 'protocol definition' in the upgrade method of the WebSocketFactory.java class (http://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/branches/jetty-8/jetty-websocket/src/main/java/org/eclipse/jetty/websocket/WebSocketFactory.java).

In the upgrade method, there is the following line:
response.addHeader("WebSocket-Location","ws://"+host+uri);

If ssl is used the line should be like below:
response.addHeader("WebSocket-Location","wss://"+host+uri);

I fixed this by adding this kind of code in the upgrade method of WebSocketFactory:
String prot = "ws://";
if(request.getRequestURL().indexOf("https://") == 0) {
    prot = "wss://";
}
response.addHeader("WebSocket-Location",prot+host+uri);

After the fix, the websocket connetion can be used with and without ssl.

Reproducible: Always

Steps to Reproduce:
0. configure Jetty to work with ssl (https)
1. create a simple websocket servlet which sends back message you send there
2. create a websocket connetion without ssl (ws://...)
3. create a websocket connetion with ssl (wss://...)
Comment 1 Greg Wilkins CLA 2010-05-20 04:26:42 EDT 
Juhani,

thanks for the report with suggested fix! 

I'll check and apply it today and it will be in a 7.1.2 release soon.
I'm not sure when the next 8 release is due, but it should receive a merge from trunk and also get this fix.
Comment 2 Greg Wilkins CLA 2010-05-20 05:48:46 EDT 
fixed in svn r1825
demo fixed in r1826