webpack-dev-server: Wrong protocol for socket url's in a local environment
- Operating System: Mac OS Sierra 10.12.6
- Node Version: 6.5.0
- NPM Version: 3.10.3
- webpack Version: 3.8.1
- webpack-dev-server Version: 2.9.4
- This is a bug
- This is a feature request
- This is a modification request
Code
Relevant webpack setting:
devServer: {
disableHostCheck: true,
},
Expected Behavior
When running a webpack dev server on localhost in a development environment, I need the protocol for socket messages to be http, not https even if the location.protocol from the browser is https. In my usecase, an Nginx proxy resolves https requests for a particular host (https://my-domain.com) to the appropriate services (http://localhost:3000, http://localhost:3012, etc). I would then expect socket requests to be http://localhost:3012/sockjs-node/info?t=1510792203948 not https://localhost:3012/sockjs-node/info?t=1510792203948. Note the former is http and the latter is https. The expected behavior for the protocol is ‘http’ in my usecase.
Actual Behavior
In webpack-dev-server, the browser’s protocol, if available, takes precedence over the local protocol. This causes webpack features relying on sockets such as hot module reloading to fail in my environment.
For Bugs; How can we reproduce the behavior?
For Features; What is the motivation and/or use-case for the feature?
I would like to figure out some clean way of setting the protocol to http without necessarily breaking the “security by default” approach that is currently implemented. Is there a way I could solve this without having to shepard PR requests down the food chain (webpack-dev-server --> webpack --> nwb).
The relevant code is client/index.js, line 188 - 190:
if (hostname && (self.location.protocol === 'https:' || urlParts.hostname === '0.0.0.0')) {
protocol = self.location.protocol;
}
If I submitted a pull request with something like:
if (hostname && (self.location.protocol === 'https:' || urlParts.hostname === '0.0.0.0')) {
protocol = self.location.protocol;
} else if (hostname) {
protocol = 'http';
}
is that probably going to break other people’s setups? If so, do we take more of a configuration approach where I could set a string? Something like devServer.protocol = ‘http’ in webpack settings.
About this issue
- Original URL
- State: closed
- Created 7 years ago
- Reactions: 16
- Comments: 18 (8 by maintainers)
@evilebottnawi I’m sorry. But the issue initiator described my problem exactly. Anyway, I made a reproducible repo. Thank you!
Can you reopen this? I think the best solution would be to make protocol configurable in the same way as host, port and url are. Or is there a reason for this inconsistency?
@dizel3d can you open new issue
@shellscape I’m confused by everything I’ve read regarding the move away from socks as I’ve been having a similar issue as the OP and have been debugging an issue in webpack-dev-server 3.1.0 and it always seems to want to connect to /socksjs-node/… Has version 3 really migrated away from socks? If so, why do I see what the op is seeing in 3.1.0? Is socks by default and I have to set a flag somewhere to enable websocket support?
@shellscape Noted and understand. Thanks for the cultural explanations as well. I’ll remove the previous question to clear up the thread.
@ProductivePerson @calepsol No solution yet. The browser sees the sockjs requests as a CORS violation if you change it to http.