github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 08:05:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #2119] wss support #1684

New issue
Closed
opened 2026-05-05 13:04:42 -06:00 by gitea-mirror · 11 comments
gitea-mirror commented 2026-05-05 13:04:42 -06:00
Owner
Copy link

Originally created by @fredericmalo on GitHub (Nov 28, 2020).
Original GitHub issue: https://github.com/fatedier/frp/issues/2119

Originally assigned to: @yuyulei on GitHub.

The solution you want

Hello, as I don't understand chinese, could someone explain the status of this pull request ? It seems that it solves my issue

https://github.com/fatedier/frp/pull/1919

As Caddy Server provides wss support out-of-the-box (I didn't need any configuration on this), I would need ro reverse proxy https + wss with FRP. For now, wss are in 'pending' mode in Chrome.

Alternatives considered

I don't think there is any alternative, but please explain how to configure rpc for this !

Thanks !

Originally created by @fredericmalo on GitHub (Nov 28, 2020). Original GitHub issue: https://github.com/fatedier/frp/issues/2119 Originally assigned to: @yuyulei on GitHub. <!-- From Chinese to English by machine translation, welcome to revise and polish. --> **The solution you want** Hello, as I don't understand chinese, could someone explain the status of this pull request ? It seems that it solves my issue https://github.com/fatedier/frp/pull/1919 <!--A clear and concise description of the solution you want. --> As Caddy Server provides wss support out-of-the-box (I didn't need any configuration on this), I would need ro reverse proxy https + wss with FRP. For now, wss are in 'pending' mode in Chrome. **Alternatives considered** <!--A clear and concise description of any alternative solutions or features you have considered. --> I don't think there is any alternative, but please explain how to configure rpc for this ! Thanks !
gitea-mirror 2026-05-05 13:04:42 -06:00
  • closed this issue
  • added the
    question
         label
gitea-mirror commented 2026-05-05 13:04:45 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Nov 30, 2020):

It won't be supported since the protocol is between frpc and frps.

What's your usage scenario?

<!-- gh-comment-id:735525096 --> @fatedier commented on GitHub (Nov 30, 2020): It won't be supported since the protocol is between frpc and frps. What's your usage scenario?
gitea-mirror commented 2026-05-05 13:04:46 -06:00
Author
Owner
Copy link

@fredericmalo commented on GitHub (Nov 30, 2020):

Dear,

I was using Caddy server to handle http/https requests, but it exposes the public IP of my home router. I would like to hide my public IP by tunneling thanks to FRP.

I would like to expose a Node-Red instance through FRP, but the wss flow stays in "pending" status.
As explained here, node-red needs wss://domain.ltd/comms to push real-time debug messages to the webinterface:

wss - domain ltd - comms

As wss is quiet popular protocol now, I guess it would interest lots of FRP users :)

It works out-of-the-box with Caddyfile with this config:

nodered.mydomain.com {
  log {
    output file /logs/nodered.log
  }
  reverse_proxy localhost:1880
}

Do you need more clarification from my side ?

Thanks, best !

<!-- gh-comment-id:735852763 --> @fredericmalo commented on GitHub (Nov 30, 2020): Dear, I was using Caddy server to handle http/https requests, but it exposes the public IP of my home router. I would like to hide my public IP by tunneling thanks to FRP. I would like to expose a Node-Red instance through FRP, but the wss flow stays in "pending" status. As explained [here](https://discourse.nodered.org/t/websocket-connection-handshake-404-on-comms-nginx-to-node-red-does-block-websocket-communication/15619), node-red needs wss://domain.ltd/comms to push real-time debug messages to the webinterface: <img width="676" alt="wss - domain ltd - comms" src="https://user-images.githubusercontent.com/3525134/100627571-73888500-3327-11eb-8df2-1c20f240d86c.png"> As wss is quiet popular protocol now, I guess it would interest lots of FRP users :) It works out-of-the-box with Caddyfile with this config: ``` nodered.mydomain.com { log { output file /logs/nodered.log } reverse_proxy localhost:1880 } ``` Do you need more clarification from my side ? Thanks, best !
gitea-mirror commented 2026-05-05 13:04:47 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Dec 1, 2020):

You can find more solutions from these documents:

https://github.com/fatedier/frp#visit-your-web-service-in-lan-by-custom-domains

https://github.com/fatedier/frp#enable-https-for-local-http-service

Or just use TCP type https://github.com/fatedier/frp#access-your-computer-in-lan-by-ssh

<!-- gh-comment-id:736187925 --> @fatedier commented on GitHub (Dec 1, 2020): You can find more solutions from these documents: https://github.com/fatedier/frp#visit-your-web-service-in-lan-by-custom-domains https://github.com/fatedier/frp#enable-https-for-local-http-service Or just use `TCP` type https://github.com/fatedier/frp#access-your-computer-in-lan-by-ssh
gitea-mirror commented 2026-05-05 13:04:48 -06:00
Author
Owner
Copy link

@fewkso commented on GitHub (Dec 1, 2020):

Hi @fatedier, our frps is behind a https load balancer which forces http to https, so we can't use insecure websocket connection. The proposed change is simple and it works (could it be refined?, maybe, I don't know), but it would be super useful to have the feature out of the box instead of having to merge the code ourself.

<!-- gh-comment-id:736613696 --> @fewkso commented on GitHub (Dec 1, 2020): Hi @fatedier, our frps is behind a https load balancer which forces http to https, so we can't use insecure websocket connection. The proposed change is simple and it works (could it be refined?, maybe, I don't know), but it would be super useful to have the feature out of the box instead of having to merge the code ourself.
gitea-mirror commented 2026-05-05 13:04:49 -06:00
Author
Owner
Copy link

@fatedier commented on GitHub (Dec 1, 2020):

@fewkso You problem isn't same here.

It's not the protocol we want to support between frpc and frps. It will limit the future design for frp's self protocol.

You can try to combine frps with other tunnel projects which can tunnel TCP on other protocols like websocket or UDP.

<!-- gh-comment-id:736877163 --> @fatedier commented on GitHub (Dec 1, 2020): @fewkso You problem isn't same here. It's not the protocol we want to support between frpc and frps. It will limit the future design for frp's self protocol. You can try to combine frps with other tunnel projects which can tunnel TCP on other protocols like websocket or UDP.
gitea-mirror commented 2026-05-05 13:04:50 -06:00
Author
Owner
Copy link

@fredericmalo commented on GitHub (Dec 8, 2020):

Hello, I digg into this issue and found that websocket are working properly in http mode:

[nodered-http]
type = http
local_ip = my-server-ip
local_port = 1880
custom_domains = nodered.mydomain.com
ws

but when I switch to https, the websocket protocol switch from ws://nodered.mydomain.com/comms to wss://nodered.mydomain.com/comms

and status is endless 'pending' as described at the beginning of this ticket.

[nodered-https]
type = https
custom_domains = nodered.mydomain.com

plugin = https2http
plugin_local_addr = my-server-ip:1880
plugin_crt_path = /etc/fullchain.pem
plugin_key_path = /etc/privkey.pem
plugin_host_header_rewrite = my-server-ip:1880

Do you have any idea how to proxy wss protocol thanks to FRP ?

Thanks ! all the best !

<!-- gh-comment-id:740745694 --> @fredericmalo commented on GitHub (Dec 8, 2020): Hello, I digg into this issue and found that websocket are working properly in http mode: ``` [nodered-http] type = http local_ip = my-server-ip local_port = 1880 custom_domains = nodered.mydomain.com ``` <img width="888" alt="ws" src="https://user-images.githubusercontent.com/3525134/101511554-f4c0c700-397a-11eb-976f-ef41e0861871.png"> but when I switch to https, the websocket protocol switch from _ws://nodered.mydomain.com/comms_ to _**wss**://nodered.mydomain.com/comms_ and status is endless '_pending_' as described at the beginning of this ticket. ``` [nodered-https] type = https custom_domains = nodered.mydomain.com plugin = https2http plugin_local_addr = my-server-ip:1880 plugin_crt_path = /etc/fullchain.pem plugin_key_path = /etc/privkey.pem plugin_host_header_rewrite = my-server-ip:1880 ``` Do you have any idea how to proxy wss protocol thanks to FRP ? Thanks ! all the best !
gitea-mirror commented 2026-05-05 13:04:52 -06:00
Author
Owner
Copy link

@dong-zeyu commented on GitHub (Jan 9, 2021):

I encounter the same problem when using https2http plugin, when the backend is not nginx. I think it might because the backend does not provide as much information as nginx to the frp for it's normally functioning. As suggested by #2125, you could use nginx as an intermediate server to do the http to https convert, like backend <---http---> nginx <---https---> frp.

<!-- gh-comment-id:757247037 --> @dong-zeyu commented on GitHub (Jan 9, 2021): I encounter the same problem when using `https2http` plugin, when the backend is not nginx. I think it might because the backend does not provide as much information as nginx to the frp for it's normally functioning. As suggested by #2125, you could use nginx as an intermediate server to do the http to https convert, like `backend <---http---> nginx <---https---> frp`.
gitea-mirror commented 2026-05-05 13:04:53 -06:00
Author
Owner
Copy link

@yuyulei commented on GitHub (Jan 21, 2021):

a websocket bug fixed by #2199 , now you can try new release v0.35.0

wss will be supported later.

Hello, I digg into this issue and found that websocket are working properly in http mode:

[nodered-http]
type = http
local_ip = my-server-ip
local_port = 1880
custom_domains = nodered.mydomain.com
ws

but when I switch to https, the websocket protocol switch from ws://nodered.mydomain.com/comms to wss://nodered.mydomain.com/comms

and status is endless 'pending' as described at the beginning of this ticket.

[nodered-https]
type = https
custom_domains = nodered.mydomain.com

plugin = https2http
plugin_local_addr = my-server-ip:1880
plugin_crt_path = /etc/fullchain.pem
plugin_key_path = /etc/privkey.pem
plugin_host_header_rewrite = my-server-ip:1880

Do you have any idea how to proxy wss protocol thanks to FRP ?

Thanks ! all the best !

<!-- gh-comment-id:764213556 --> @yuyulei commented on GitHub (Jan 21, 2021): a websocket bug fixed by #2199 , now you can try new release v0.35.0 wss will be supported later. > Hello, I digg into this issue and found that websocket are working properly in http mode: > > ``` > [nodered-http] > type = http > local_ip = my-server-ip > local_port = 1880 > custom_domains = nodered.mydomain.com > ``` > > <img alt="ws" width="888" src="https://user-images.githubusercontent.com/3525134/101511554-f4c0c700-397a-11eb-976f-ef41e0861871.png"> > > but when I switch to https, the websocket protocol switch from _ws://nodered.mydomain.com/comms_ to _**wss**://nodered.mydomain.com/comms_ > > and status is endless '_pending_' as described at the beginning of this ticket. > > ``` > [nodered-https] > type = https > custom_domains = nodered.mydomain.com > > plugin = https2http > plugin_local_addr = my-server-ip:1880 > plugin_crt_path = /etc/fullchain.pem > plugin_key_path = /etc/privkey.pem > plugin_host_header_rewrite = my-server-ip:1880 > ``` > > Do you have any idea how to proxy wss protocol thanks to FRP ? > > Thanks ! all the best !
gitea-mirror commented 2026-05-05 13:04:54 -06:00
Author
Owner
Copy link

@dong-zeyu commented on GitHub (Jan 21, 2021):

I test it in the lastest dev branch and it seems that the problem persists.

I created a test case to reproduce this issue. It seems that it's a different issue from the KeepAlive one, because in the test case, all the requests is simulated in the tcp layer.

# Ubuntu 20.04
tar zxf wss_test.tar.gz
cd wss_test
frps -c frps.ini &
frpc -c frpc.ini &

In another shell

python3 wss_test.py
# The read operation timed out when client accepting handshaking message

Some explanation can be seen in wss_test.py.

<!-- gh-comment-id:764897750 --> @dong-zeyu commented on GitHub (Jan 21, 2021): I test it in the lastest dev branch and it seems that the problem persists. I created a [test case](https://github.com/fatedier/frp/files/5851428/wss_test.tar.gz) to reproduce this issue. It seems that it's a different issue from the KeepAlive one, because in the test case, all the requests is simulated in the tcp layer. ```bash # Ubuntu 20.04 tar zxf wss_test.tar.gz cd wss_test frps -c frps.ini & frpc -c frpc.ini & ``` In another shell ```bash python3 wss_test.py # The read operation timed out when client accepting handshaking message ``` Some explanation can be seen in `wss_test.py`.
gitea-mirror commented 2026-05-05 13:04:55 -06:00
Author
Owner
Copy link

@yuyulei commented on GitHub (Feb 3, 2021):

@fredericmalo https proxy can support wss. Give a frpc.ini demo if the server can accept https request:

[nodered-https]
type = https
local_ip = my-server-ip
local_port = 1880
custom_domains = nodered.mydomain.com

And make sure that request Host same to OriginHost.

Hello, I digg into this issue and found that websocket are working properly in http mode:

[nodered-http]
type = http
local_ip = my-server-ip
local_port = 1880
custom_domains = nodered.mydomain.com
ws

but when I switch to https, the websocket protocol switch from ws://nodered.mydomain.com/comms to wss://nodered.mydomain.com/comms

and status is endless 'pending' as described at the beginning of this ticket.

[nodered-https]
type = https
custom_domains = nodered.mydomain.com

plugin = https2http
plugin_local_addr = my-server-ip:1880
plugin_crt_path = /etc/fullchain.pem
plugin_key_path = /etc/privkey.pem
plugin_host_header_rewrite = my-server-ip:1880

Do you have any idea how to proxy wss protocol thanks to FRP ?

Thanks ! all the best !

<!-- gh-comment-id:772235572 --> @yuyulei commented on GitHub (Feb 3, 2021): @fredericmalo https proxy can support wss. Give a frpc.ini demo if the server can accept **https** request: ``` [nodered-https] type = https local_ip = my-server-ip local_port = 1880 custom_domains = nodered.mydomain.com ``` And make sure that request Host same to OriginHost. > Hello, I digg into this issue and found that websocket are working properly in http mode: > > ``` > [nodered-http] > type = http > local_ip = my-server-ip > local_port = 1880 > custom_domains = nodered.mydomain.com > ``` > > <img alt="ws" width="888" src="https://user-images.githubusercontent.com/3525134/101511554-f4c0c700-397a-11eb-976f-ef41e0861871.png"> > > but when I switch to https, the websocket protocol switch from _ws://nodered.mydomain.com/comms_ to _**wss**://nodered.mydomain.com/comms_ > > and status is endless '_pending_' as described at the beginning of this ticket. > > ``` > [nodered-https] > type = https > custom_domains = nodered.mydomain.com > > plugin = https2http > plugin_local_addr = my-server-ip:1880 > plugin_crt_path = /etc/fullchain.pem > plugin_key_path = /etc/privkey.pem > plugin_host_header_rewrite = my-server-ip:1880 > ``` > > Do you have any idea how to proxy wss protocol thanks to FRP ? > > Thanks ! all the best !
gitea-mirror commented 2026-05-05 13:04:55 -06:00
Author
Owner
Copy link

@yuyulei commented on GitHub (Feb 5, 2021):

@dizzam there is some problem in http(s) plugin to support ws(s). Can you use http(s) proxy directly ?

<!-- gh-comment-id:773728881 --> @yuyulei commented on GitHub (Feb 5, 2021): @dizzam there is some problem in http(s) plugin to support ws(s). Can you use http(s) proxy directly ?
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#1684
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?