Getting Bad request 400 with reverse proxy NGINX with web socket channels

Hi guys,

I am playing around with phoenix 1.4 channels, everything works well in local (of course), but I am unable to make channels work when deployed online (http://eerf.fr.openode.io/ the web socket connection always get 400 status code) with reverse proxies.

I have an NGINX -> docker container setup and my NGINX server have the proper upgrade settings for web sockets:

 upstream backendeerfhttp {
    server 127.0.0.1:64193;
  }

  server {
      listen       80;
      server_name  eerf.fr.openode.io;

      location / {
          proxy_pass http://backendeerfhttp;
          proxy_set_header Upgrade $http_upgrade; 
          proxy_set_header Connection "Upgrade";
          proxy_set_header        X-Forwarded-For   $remote_addr;
          proxy_set_header        X-Real-IP         $remote_addr;
          proxy_set_header        Host              $host;
          proxy_set_header Access-Control-Allow-Origin *;
          proxy_read_timeout 900;
      }
  }

I have another simple test web socket (in Node.js) to make sure NGINX is set up properly for web socket here and it works if you check the networks connection (chrome) - http://wssimpletest.fr.openode.io/.

I have the following endpoint config in prod.exs

config :eerf, EerfWeb.Endpoint,
  http: [:inet6, port: System.get_env("PORT") || 4000],
  check_origin: ["//localhost", "//eerf.fr.openode.io"],
  url: [host: "eerf.fr.openode.io", port: 80]#,

From js I connect via let socket = new Socket("/socket", {params: {token: window.userToken}})
and in networks connection I can see it tries to connect correctly to ws://eerf.fr.openode.io/socket/websocket?token=undefined&vsn=2.0.0

The server logs show the following

20:45:43.091 [info] CONNECT EerfWeb.UserSocket
  Transport: :websocket
  Connect Info: %{}
  Parameters: %{"token" => "undefined", "vsn" => "2.0.0"}
20:45:43.091 [info] Replied EerfWeb.UserSocket :ok

But strangely NGINX always returns 400 bad requests. The code is available over here https://github.com/martinlevesque/eerf

Any idea what could the issue or any idea to better debug?

Thanks

1 Like

Just found out that the exact missing setting was to force http 1.1 (i’m just testing without ssl for now): “proxy_http_version 1.1”.

as in:

location / {
          proxy_http_version 1.1; # <------------------------------
          proxy_pass http://localhost:some-port-here;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "Upgrade";
          proxy_set_header        X-Forwarded-For   $remote_addr;
          proxy_set_header        X-Real-IP         $remote_addr;
          proxy_set_header        Host              $host;
          proxy_set_header Access-Control-Allow-Origin *;
          proxy_read_timeout 900;
      }
8 Likes