Re: [hybi] WebSocket -76 is incompatible with HTTP reverse proxies

"Thomson, Martin" <Martin.Thomson@andrew.com> Wed, 07 July 2010 05:21 UTC

Return-Path: <Martin.Thomson@andrew.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 86B243A687B for <hybi@core3.amsl.com>; Tue, 6 Jul 2010 22:21:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.647
X-Spam-Level:
X-Spam-Status: No, score=-1.647 tagged_above=-999 required=5 tests=[AWL=-0.537, BAYES_05=-1.11]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OPI+5-qC8EBW for <hybi@core3.amsl.com>; Tue, 6 Jul 2010 22:21:22 -0700 (PDT)
Received: from csmailgw2.commscope.com (csmailgw2.commscope.com [198.135.207.242]) by core3.amsl.com (Postfix) with ESMTP id 970463A6873 for <hybi@ietf.org>; Tue, 6 Jul 2010 22:21:18 -0700 (PDT)
Received: from [10.86.20.102] ([10.86.20.102]:5153 "EHLO ACDCE7HC1.commscope.com") by csmailgw2.commscope.com with ESMTP id S258618Ab0GGFVU (ORCPT <rfc822; hybi@ietf.org>); Wed, 7 Jul 2010 00:21:20 -0500
Received: from SISPE7HC2.commscope.com (10.97.4.13) by ACDCE7HC1.commscope.com (10.86.20.102) with Microsoft SMTP Server (TLS) id 8.1.436.0; Wed, 7 Jul 2010 00:21:20 -0500
Received: from SISPE7MB1.commscope.com ([fe80::9d82:a492:85e3:a293]) by SISPE7HC2.commscope.com ([fe80::58c3:2447:f977:57c3%10]) with mapi; Wed, 7 Jul 2010 13:21:18 +0800
From: "Thomson, Martin" <Martin.Thomson@andrew.com>
To: Roberto Peon <fenix@google.com>, Willy Tarreau <w@1wt.eu>
Date: Wed, 7 Jul 2010 13:23:22 +0800
Thread-Topic: [hybi] WebSocket -76 is incompatible with HTTP reverse proxies
Thread-Index: AcsdkypIpYS8+b7VQc6XfLW3uodlNgAAOtWw
Message-ID: <8B0A9FCBB9832F43971E38010638454F03E9DCCA29@SISPE7MB1.commscope.com>
References: <20100706210039.GA12167@1wt.eu> <B709B846-2A8C-4B84-8F4D-B06B81D91A7B@brandedcode.com> <20100707044129.GH12126@1wt.eu> <AANLkTik-i_9a7JpaFRqPLBr68buPM5Ml3N1iabaJby8k@mail.gmail.com>
In-Reply-To: <AANLkTik-i_9a7JpaFRqPLBr68buPM5Ml3N1iabaJby8k@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-BCN: Meridius 1000 Version 3.4 on csmailgw2.commscope.com
X-BCN-Sender: Martin.Thomson@andrew.com
Cc: "hybi@ietf.org" <hybi@ietf.org>
Subject: Re: [hybi] WebSocket -76 is incompatible with HTTP reverse proxies
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jul 2010 05:21:36 -0000

> Content-length: 0 also makes sense but it means that the nonce will
> be sent *after* the handshake, which means we'd have a second
> round-trip. 

The round-trip thing is a fallacy.  Just as you can pipeline requests, so can you send extra handshakey parts after the headers.

Solution:  The handshake includes a complete HTTP message, PLUS extra stuff.  All of this is sent at once, but the HTTP stuff stops half way.

This is only true if the extra stuff is dependent on information from the peer, which is not the case in this scenario.