Javascript 如何使用Nginx进行安全的Web套接字连接?
我可以通过JavaScript:var websocket=newwebsocket(“ws://IP:PORT”)将web套接字直接连接到我的PHP守护进程服务器;这将正确地获得握手,但当我尝试nginx代理时,它无法接收Sec WebSocket键的头值,握手失败 --最近更新:JavaScript根本无法连接,原因是:SyntaxError:指定了无效或非法的字符串 nginx config file: upstream chatwebsocket { server 127.0.0.1:9090; } server { # ... listen 80 default_server; location / { proxy_pass http://chatwebsocket; ... proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key; } 我缺少代理集标题** 升级Javascript 如何使用Nginx进行安全的Web套接字连接?,javascript,php,websocket,nginx-reverse-proxy,Javascript,Php,Websocket,Nginx Reverse Proxy,我可以通过JavaScript:var websocket=newwebsocket(“ws://IP:PORT”)将web套接字直接连接到我的PHP守护进程服务器;这将正确地获得握手,但当我尝试nginx代理时,它无法接收Sec WebSocket键的头值,握手失败 --最近更新:JavaScript根本无法连接,原因是:SyntaxError:指定了无效或非法的字符串 nginx config file: upstream chatwebsocket { serve
**$http_升级 JavaScript中的do:
var-websocket=new-websocket('wss://DomainName:443');代码>
在Nginx中,请执行以下操作:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream appwebsocket {
server 127.0.0.1:9090;
}
server {
listen 443;
server_name YOUR_Domain_Name_HERE;
ssl on;
ssl_certificate /etc/nginx/ssl/ssl.crt;
ssl_certificate_key /etc/nginx/ssl/ssl.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://appwebsocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
进行连接升级是让Nginx中的一切正常工作的关键。我不需要设置Sec WebSocket密钥头(在nginx中)!而且,我不需要重新编写我的PHP应用程序
请记住,您可以向nginx位置路径添加一个路径,这样您就可以使您的网页保持在线,并将web套接字路由到该路径 我想我可以试一试:我想让我的web套接字代码在PHP中保持简单和干净,同时仍然使用Nginx为我做SSL。我不知道该怎么做,有什么想法吗?好吧,我想我现在明白了:只是通过nginx添加了SSL支持来监听443和安装的证书。现在,我可以通过JavaScript进行连接wss://myDomain:443 web套接字的URL。进行连接升级是让Nginx中的一切正常工作的关键。我不需要设置Sec WebSocket密钥头(在nginx中)!
if (! isset($headers['sec-websocket-key'])) {
return "HTTP/1.1 400 Bad Key Request"; //...
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream chatwebsocket {
server 127.0.0.1:9090;
}
server {
listen 8020;
location / {
proxy_pass http://chatwebsocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream appwebsocket {
server 127.0.0.1:9090;
}
server {
listen 443;
server_name YOUR_Domain_Name_HERE;
ssl on;
ssl_certificate /etc/nginx/ssl/ssl.crt;
ssl_certificate_key /etc/nginx/ssl/ssl.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://appwebsocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}