Community
Participate
Working Groups
Build Identifier: 8.0.0.M1 The handshaking of the websocket connection with ssl is not working correctly in Jetty. The reason is that there is a hardcoded websocket 'protocol definition' in the upgrade method of the WebSocketFactory.java class (http://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/branches/jetty-8/jetty-websocket/src/main/java/org/eclipse/jetty/websocket/WebSocketFactory.java). In the upgrade method, there is the following line: response.addHeader("WebSocket-Location","ws://"+host+uri); If ssl is used the line should be like below: response.addHeader("WebSocket-Location","wss://"+host+uri); I fixed this by adding this kind of code in the upgrade method of WebSocketFactory: String prot = "ws://"; if(request.getRequestURL().indexOf("https://") == 0) { prot = "wss://"; } response.addHeader("WebSocket-Location",prot+host+uri); After the fix, the websocket connetion can be used with and without ssl. Reproducible: Always Steps to Reproduce: 0. configure Jetty to work with ssl (https) 1. create a simple websocket servlet which sends back message you send there 2. create a websocket connetion without ssl (ws://...) 3. create a websocket connetion with ssl (wss://...)
Juhani, thanks for the report with suggested fix! I'll check and apply it today and it will be in a 7.1.2 release soon. I'm not sure when the next 8 release is due, but it should receive a merge from trunk and also get this fix.
fixed in svn r1825 demo fixed in r1826
