HACK: add support for using a proxy for wss connections #74
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -693,14 +693,27 @@ to the websocket protocol. | |
| (port (if (= 0 (url-port url-struct)) | ||
| (if (eq type 'tls) 443 80) | ||
| (url-port url-struct))) | ||
| (host (url-host url-struct)) | ||
| (url-as-http (let ((url-as-http (copy-sequence url-struct))) | ||
| (setf (url-type url-as-http) (if (eq type 'plain) "http" "https")) | ||
| url-as-http)) | ||
| (proxy (url-generic-parse-url (url-find-proxy-for-url url-as-http (url-host url-as-http))))) | ||
| (if (eq type 'plain) | ||
| (make-network-process :name name :buffer nil :host host | ||
| :service port :nowait nowait) | ||
| (if proxy | ||
| (let ((plain-conn (make-network-process | ||
| :name name :buffer nil :host (url-host proxy) | ||
| :service (url-port proxy)))) | ||
| (let ((url-http-after-change-function) | ||
| (url-current-object url-as-http)) | ||
| (url-https-proxy-connect plain-conn)) | ||
| (sleep-for 0.5) | ||
|
Owner
There was a problem hiding this comment. Why is the sleep needed? Can we instead check
Author
There was a problem hiding this comment. We need to wait until we get a response to the CONNECT issued by url-https-proxy-connect. The proper (and only) way to do this is with a process-filter. I was just too lazy to hook up that additional possible state into the websocket.el process filter... |
||
| (gnutls-negotiate :process plain-conn :hostname host)) | ||
|
Owner
There was a problem hiding this comment. Is this all a standard sequence of actions for https proxy connections? How would we be sure this is correct?
Author
There was a problem hiding this comment. As far as I know it's pretty standard - I figured this out mostly by reading url.el. We certainly could add a test for this. I looked briefly at https://tinyproxy.github.io/ and it looks like it should support proxying websocket connections. I just didn't get around to it because I wanted to figure out quickly if I could get this working against the internal corporate proxy that I wanted to access. |
||
| (condition-case-unless-debug nil | ||
| (open-network-stream name nil host port :type type :nowait nowait) | ||
| (wrong-number-of-arguments | ||
| (signal 'websocket-wss-needs-emacs-24 (list "wss"))))))) | ||
| (signal 'websocket-unsupported-protocol (list (url-type url-struct))))) | ||
| (websocket (websocket-inner-create | ||
| :conn conn | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will this work with http proxies? I'd guess you would need to make the host different if it is a proxy?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure what you mean by "http proxies" - the code I have here only works with proxies that talk plain HTTP without encryption. (The gnutls-negotiate later on is for TLS with the websocket server)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, I wrote something that didn't make sense.
The way I read this, it doesn't look like it would go through a proxy for unencrypted websockets. The logic testing for proxies is only execute if
typeis not'plain.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right, this only works for wss:// at the moment. I didn't have a need for ws:// and didn't set up a testing environment for it. In theory it could be as simple as not doing the gnutls-negotiate.