[squid-users] websockets through Squid
Alex Rousskov
rousskov at measurement-factory.com
Wed Oct 7 14:09:48 UTC 2020
On 10/7/20 9:29 AM, Vieri wrote:
>> To allow WebSocket tunnels, you need http_upgrade_request_protocols available since v5.0.4
> What would the easiest way be to allow websockets through in v. 4?
Backport (the essential parts of) v5 changes to v4.
> That is, for trusted domains, allow a direct connection maybe?
Direct connections are allowed by default. That is not the issue here.
To proxy a WebSocket handshake, Squid has to, at a minimum, send an
Upgrade header to the origin server, forward the HTTP 101 response from
the origin server to the client, and then become a TCP tunnel. The last
part is impossible to accomplish in v4 with configuration options alone:
There is simply no "become a tunnel" directive that is checked after
forwarding a 1xx control message.
Alex.
More information about the squid-users
mailing list