Use Wireshark to capture the problem that the browser cannot establish a WebSocket connection (server is Alchemy WebSockets component)

Source: Internet
Author: User
Tags send cookies

Working with WebSocket technology, the use of the process found that the browser (Chrome) after the upgrade may cause the WebSocket is not available, the browser can be changed after the normal use.

Once in a while, it is occasionally possible to debug locally, discovering that using the same version of the Chrome browser does not connect to the WS service on the online server, but can connect to the local WS service. The initial suspicion is that the server will trigger an unreachable problem in some special case.

Use Wireshark to grab a bag

Filter:ip.dst==serverip or (ip.dst== local IP and Ip.src==serverip)

I. View network requests for browsers that can connect to online services ( Sogou high-speed core )

You can see the steps to establish the WebSocket connection:

1, first establish the TCP connection, the three-bar is the TCP connection three times handshake

2, send an HTTP request, the header content is as follows

get/write?agentid=255 http/1.1upgrade:websocketconnection:upgradehost:10.134.71.235:2015origin:http:// 10.134.71.235pragma:no-cachecache-control:no-cachesec-websocket-key:nddl4peqgeukion0p+ihwq== Sec-websocket-version:13sec-websocket-extensions:permessage-deflate; Client_max_window_bits, x-webkit-deflate-frameuser-agent:mozilla/5.0 (Windows NT 6.1; WOW64) applewebkit/537.36 (khtml, like Gecko) chrome/35.0.1916.153 safari/537.36 SE 2.X metasr 1.0cookie:asp.net_session Id=kdparak1ecjplo4erozul2yl; [Email protected]; ID=77.NRE6BXSRDDXY6INL1HMKRADN7L4YIT4WCTGYU43Q9R4; [Email protected]; pw=70467311a7ed8f62b58f8f1d65cdb408
WebSocket connecting HTTP request Header content

Server returns

http/1.1 101 Switching protocolsupgrade:websocketconnection:upgradesec-websocket-accept:ldedyttlps6j7eygf4awechi+ d4=
WebSocket Connection HTTP request returned

3. Connection established successfully, send and receive messages using WebSocket protocol

where [fin][masked] sends a message to the server for the browser

[FIN] sends a message to the browser for the server, and the browser receives a TCP [ACK] packet Acknowledgement

Normal network requests know, then the server does not change, change the browser

II. viewing network requests that do not connect to the online server (Chrome)

As you can see, after the HTTP request is sent out, there is no 101 reply and the server directly initiates the process of the TCP disconnection.

The content of the HTTP request is suspected to be incorrect. View Request Header

get/write?agentid=255 Http/1.1host:10.134.71.235:2015connection:upgradepragma:no-cachecache-control: no-cacheupgrade:websocketorigin:http://10.134.71.235sec-websocket-version:13user-agent:mozilla/5.0 (Windows NT 6.1; WOW64) applewebkit/537.36 (khtml, like Gecko) chrome/41.0.2272.118 safari/537.36accept-encoding:gzip, deflate, sdchaccept-language:zh-cn,zh;q=0.8,en;q=0.6cookie:asp.net_sessionid=1rfwnghibfq2jvvjrlbflvl0; [Email protected]; ID=77.NRE6BXSRDDXY6INL1HMKRADN7L4YIT4WCTGYU43Q9R4; [Email protected]; Pw=isqky+6i5u5zm89pna9unnirbd9v74g5799fdjvrk78altw0mvq5icqjpnlcweehtl646j88ine03aywm4ppca==sec-websocket-key: Kcewlrs2bowyzsoyxgcqnw==sec-websocket-extensions:permessage-deflate; Client_max_window_bits
View Code

and Sogou bag contrast, as if there is no problem, next browser unchanged, replace the server

III. viewing network requests for local servers that can connect properly (Chrome)

Connection establishment process is normal, no need, focus on the HTTP request header inside the content

get/write?agentid=255 Http/1.1host:10.129.157.168:2015connection:upgradepragma:no-cachecache-control: no-cacheupgrade:websocketorigin:http://localhost:8317sec-websocket-version:13user-agent:mozilla/5.0 (Windows NT 6.1; WOW64) applewebkit/537.36 (khtml, like Gecko) chrome/41.0.2272.118 safari/537.36accept-encoding:gzip, deflate, Sdchaccept-language:zh-cn,zh;q=0.8,en;q=0.6sec-websocket-key:ldway7bvj6c0gt9xbh/r/q==sec-websocket-extensions: Permessage-deflate; Client_max_window_bits
View Code

Analysis Reason

The analysis found that there was no cookie data in the header, presumably because the cookie inside the HTTP request caused the connection to be broken.

Chrome

Here's the first strange question, why does chrome sometimes send cookies, sometimes not?

After several debugging discoveries:

1. Close the browser and restart the first time, using m.venus.sogou-inc.com access, is normal to use

2. No connection can be connected via IP direct access server at any time

3. As long as the IP access, with the domain name access also can not connect properly

Analyze cookies

Cookies when accessed with a domain name

Cookies that are accessed with IP

The company's analysis of the m.venus.sogou-inc.com is through the proxy server, the current OP Nginx can not forward the WS-Protocol request

So the way the browser creates WebSocket is the new WebSocket (' Ws://ip:port ') instead of the new WebSocket (' Ws://hostname:port ')

Restart the browser, use the domain name to access the time, the header

host:10.134.71.235:2015
Origin:http://m.venus.sogou-inc.com

This is a cross-domain HTTP request, so there is no cookie in the request, and Chrome is clearly the default setting for the application in the HTTP request in the WS-Protocol.

When using IP to access

host:10.134.71.235:
origin:http://10.134.71.235

This is a request from the same domain, so a cookie will be brought. The second question has been explained.

Once the IP is accessed, the cookie is planted under this IP, and even in the case of domain name access, the host of the HTTP request sent by the WS-Protocol is ip:port, so the cookie under IP is also sent.

You can see that the life cycle of cookies is session level, so it is possible to restart the browser and then access the domain name.

The first to third question has been explained.

However, Sogou browser request inside also contains a cookie, why Sogou can connect the server normally?

Sogou High-speed core

Using Sogou high-speed nuclear test repeatedly, found that:

1. Sogou high-speed core cookie data is not sent SessionID

2. Sogou browser will send a cookie at any time

Cookies accessed with a domain name:

Cookies that are accessed with IP:

By comparing the value of the cookie, the cookie that is sent is a cookie under the IP domain.

So here are two questions that can't be explained.

1. Why cookies with HttpOnly attribute, Sogou browser will not be sent out when sending the request

2. Why the cookie for the session is not killed when all the Sogou browser processes are turned off

This is not a Sogou browser two bug it?

At this point it is basically OK because the cookie with SessionID causes the server to be actively disconnected.

The WebSocket server for the cloud platform was developed with Alchemy WebSockets. According to normal logic, the WebSocket server should not use the session to determine the user identity, because it and HTTP are not part of the same session.

It is now suspected that the issue is caused by a bug in Alchemy websockets components.

Debug Alchemy WebSockets Source code

First publish a cloud platform server in local IIS, then start a debugging service in VS, log on to the local cloud platform via IP, and then access the debugged service through the localhost: Debug port to emulate the cookie in the HTTP request of the WS connection.

One step at a time from the beginning of the connection to a breakpoint, to the Handshake.cs class, find a method:

         Public BOOL IsValid ()        {            return  (                       null)&&                       null) && 8)                   );        }                         
View Code

Under normal circumstances This method returns true, with a cookie in the request and a return of false after containing SessionID. The reason is key==null.

Grab the header of the bag:

get/write?agentid=261 Http/1.1host:10.129.157.168:2015connection:upgradepragma:no-cachecache-control: no-cacheupgrade:websocketorigin:http://localhost:8317sec-websocket-version:13user-agent:mozilla/5.0 (Windows NT 6.1; WOW64) applewebkit/537.36 (khtml, like Gecko) chrome/41.0.2272.118 safari/537.36accept-encoding:gzip, deflate, SDCHACCEPT-LANGUAGE:ZH-CN,ZH;Q=0.8,EN;Q=0.6COOKIE:ASP.NET_SESSIONID=5QMGZIHKXTVNTXIRMEKBM2TV; [Email protected]; ID=77.NRE6BXSRDDXY6INL1HMKRADN7L4YIT4WCTGYU43Q9R4; [Email protected]; Pw=rgpcwqeawjg9jxhvz/rlzm4ac1+ndhll2y1kkyp6pvlkz5o/oj5/osp8t8vsg3d+dje3x0q7zh/7ggw2jme63a==sec-websocket-key: Tljhvbrhmkqek3snpu7bna==sec-websocket-extensions:permessage-deflate; Client_max_windo

You can see that the sec-websocket-key is there.

Debug into the analysis processing header class inside, found the received header string is

get/write?agentid=261 Http/1.1host:10.129.157.168:2015connection:upgradepragma:no-cachecache-control: no-cacheupgrade:websocketorigin:http://localhost:8317sec-websocket-version:13user-agent:mozilla/5.0 (Windows NT 6.1; WOW64) applewebkit/537.36 (khtml, like Gecko) chrome/41.0.2272.118 safari/537.36accept-encoding:gzip, deflate, SDCHACCEPT-LANGUAGE:ZH-CN,ZH;Q=0.8,EN;Q=0.6COOKIE:ASP.NET_SESSIONID=5QMGZIHKXTVNTXIRMEKBM2TV; [Email protected]; ID=77.NRE6BXSRDDXY6INL1HMKRADN7L4YIT4WCTGYU43Q9R4; un=
View Code

Found the header missing a paragraph. Continue to analyze the code of this component and discover

In Handler.cs:

In TCPServer:

The default is to read only 512 bytes of data, and change it to a large enough size to test it, no problem.

The reason for this problem has been found, Alchemy websockets in the second step of processing WS-Connection-when sending HTTP requests, the parsing method of the HTTP header is problematic, resulting in the loss of critical data, the Ses-websocket-key generated in the browser, That the server thought it was an illegal connection request and was killed.

This problem can be solved by modifying the location of the header to read all the data to be processed.

But two questions were left during the commissioning process:

1. Why cookies with HttpOnly attribute, Sogou browser will not be sent out when sending the request

2. Why the cookie for the session is not killed when all the Sogou browser processes are turned off

Use Wireshark to capture the problem that the browser cannot establish a WebSocket connection (server is Alchemy WebSockets component)

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.