From 2042fe27d7f0e19936ae77eec8182e1e22f09b33 Mon Sep 17 00:00:00 2001 From: Notepid <1101091+notepid@users.noreply.github.com> Date: Tue, 19 Mar 2024 14:33:01 +0100 Subject: [PATCH] wsDuplex.setClient() must be called after the proxy headers and proxied is set so its set during constructor call or the proxy headers will not be applied --- core/servers/login/websocket.js | 37 +++++++++++++++++---------------- 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/core/servers/login/websocket.js b/core/servers/login/websocket.js index de9e09aa..5b2fec20 100644 --- a/core/servers/login/websocket.js +++ b/core/servers/login/websocket.js @@ -71,6 +71,25 @@ class WebSocketClient extends TelnetClient { })(ws); super(wsDuplex); + + Log.trace({ headers: req.headers }, 'WebSocket connection headers'); + + // + // If the config allows it, look for 'x-forwarded-proto' as "https" + // to override |isSecure| + // + if ( + true === _.get(Config(), 'loginServers.webSocket.proxied') && + 'https' === req.headers['x-forwarded-proto'] + ) { + Log.debug( + `Assuming secure connection due to X-Forwarded-Proto of "${req.headers['x-forwarded-proto']}"` + ); + this.proxied = true; + } else { + this.proxied = false; + } + wsDuplex.setClient(this, req); // fudge remoteAddress on socket, which is now TelnetSocket @@ -91,24 +110,6 @@ class WebSocketClient extends TelnetClient { ws.isConnectionAlive = true; }); - Log.trace({ headers: req.headers }, 'WebSocket connection headers'); - - // - // If the config allows it, look for 'x-forwarded-proto' as "https" - // to override |isSecure| - // - if ( - true === _.get(Config(), 'loginServers.webSocket.proxied') && - 'https' === req.headers['x-forwarded-proto'] - ) { - Log.debug( - `Assuming secure connection due to X-Forwarded-Proto of "${req.headers['x-forwarded-proto']}"` - ); - this.proxied = true; - } else { - this.proxied = false; - } - // start handshake process this.banner(); }