自定义域WebSocket握手错误

Question

I keep getting this error on my server: [error] Could not check origin for Phoenix.Socket transport.

I have a Phoenix and JS app running on heroku just fine at myapp.herokuapp.com that uses channels.

I followed the heroku custom domain instructions and can't load my app's javascript now after changing my prod.exs config to: url: [scheme: "https", host: "myapp.com", port: 443] from: url: [scheme: "https", host: "myapp.herokuapp.com", port: 443]

I get this JS error when visiting the app using the custom domain myapp.com:

WebSocket connection to 'wss://myapp.com/socket/websocket?token=undefined&vsn=1.0.0' failed: Error during WebSocket handshake: Unexpected response code: 400

accompanying heroku logs:

2016-11-27T03:27:52.259269+00:00 heroku[router]: at=info method=GET path="/socket/websocket?token=undefined&vsn=1.0.0" host=myapp.com request_id=94bd304b-e8f5-44aa-aff0-9336425e40b3 fwd="2601:602:9301:2b00:3c91:6660:9593:ad2c,2601:0602:9301:2b00:3c91:6660:9593:ad2c,108.162.245.66" dyno=web.1 connect=1ms service=1ms status=400 bytes=119
2016-11-27T03:28:03.671267+00:00 heroku[router]: at=info method=GET path="/socket/websocket?token=undefined&vsn=1.0.0" host=myapp.herokuapp.com request_id=71483e0c-8f2a-4485-8506-5931513de1fb fwd="50.159.116.207" dyno=web.1 connect=0ms service=1ms status=403 bytes=195
2016-11-27T03:28:03.650158+00:00 app[web.1]: 03:28:03.649 [error] Could not check origin for Phoenix.Socket transport.
2016-11-27T03:28:03.650173+00:00 app[web.1]: 
2016-11-27T03:28:03.650174+00:00 app[web.1]: This happens when you are attempting a socket connection to
2016-11-27T03:28:03.650175+00:00 app[web.1]: a different host than the one configured in your config/
2016-11-27T03:28:03.650175+00:00 app[web.1]: files. For example, in development the host is configured
2016-11-27T03:28:03.650176+00:00 app[web.1]: to "localhost" but you may be trying to access it from
2016-11-27T03:28:03.650177+00:00 app[web.1]: "127.0.0.1". To fix this issue, you may either:
2016-11-27T03:28:03.650178+00:00 app[web.1]: 
2016-11-27T03:28:03.650178+00:00 app[web.1]:   1. update [url: [host: ...]] to your actual host in the
2016-11-27T03:28:03.650179+00:00 app[web.1]:      config file for your current environment (recommended)
2016-11-27T03:28:03.650179+00:00 app[web.1]: 
2016-11-27T03:28:03.650180+00:00 app[web.1]:   2. pass the :check_origin option when configuring your
2016-11-27T03:28:03.650180+00:00 app[web.1]:      endpoint or when configuring the transport in your
2016-11-27T03:28:03.650181+00:00 app[web.1]:      UserSocket module, explicitly outlining which origins
2016-11-27T03:28:03.650182+00:00 app[web.1]:      are allowed:
2016-11-27T03:28:03.650182+00:00 app[web.1]: 
2016-11-27T03:28:03.650183+00:00 app[web.1]:         check_origin: ["https://example.com",
2016-11-27T03:28:03.650184+00:00 app[web.1]:                        "//another.com:888", "//other.com"]

When I visit myapp.herokuapp.com the JS error is slightly different:

WebSocket connection to 'wss://myapp.herokuapp.com/socket/websocket?token=undefined&vsn=1.0.0' failed: Error during WebSocket handshake: Unexpected response code: 403

accompanying heroku logs:

2016-11-27T03:31:31.615163+00:00 heroku[router]: at=info method=GET path="/socket/websocket?token=undefined&vsn=1.0.0" host=myapp.herokuapp.com request_id=d43b57da-6aef-426b-ba69-7706c95ccc6d fwd="50.159.116.207" dyno=web.1 connect=0ms service=1ms status=403 bytes=195
2016-11-27T03:31:31.580305+00:00 app[web.1]: 03:31:31.579 [error] Could not check origin for Phoenix.Socket transport.
2016-11-27T03:31:31.580319+00:00 app[web.1]: 
2016-11-27T03:31:31.580320+00:00 app[web.1]: This happens when you are attempting a socket connection to
2016-11-27T03:31:31.580321+00:00 app[web.1]: a different host than the one configured in your config/
2016-11-27T03:31:31.580322+00:00 app[web.1]: files. For example, in development the host is configured
2016-11-27T03:31:31.580322+00:00 app[web.1]: to "localhost" but you may be trying to access it from
2016-11-27T03:31:31.580323+00:00 app[web.1]: "127.0.0.1". To fix this issue, you may either:
2016-11-27T03:31:31.580324+00:00 app[web.1]: 
2016-11-27T03:31:31.580325+00:00 app[web.1]:   1. update [url: [host: ...]] to your actual host in the
2016-11-27T03:31:31.580325+00:00 app[web.1]:      config file for your current environment (recommended)
2016-11-27T03:31:31.580326+00:00 app[web.1]: 
2016-11-27T03:31:31.580326+00:00 app[web.1]:   2. pass the :check_origin option when configuring your
2016-11-27T03:31:31.580327+00:00 app[web.1]:      endpoint or when configuring the transport in your
2016-11-27T03:31:31.580327+00:00 app[web.1]:      UserSocket module, explicitly outlining which origins
2016-11-27T03:31:31.580328+00:00 app[web.1]:      are allowed:
2016-11-27T03:31:31.580329+00:00 app[web.1]: 
2016-11-27T03:31:31.580329+00:00 app[web.1]:         check_origin: ["https://example.com",
2016-11-27T03:31:31.580330+00:00 app[web.1]:                        "//another.com:888", "//other.com"]

---

When I keep my config as url: [scheme: "https", host: "myapp.herokuapp.com", port: 443] I get no errors when visiting myapp.herokuapp.com, but when I visit myapp.com I get the following error in the JS console:

WebSocket connection to 'wss://myapp.com/socket/websocket?token=undefined&vsn=1.0.0' failed: Error during WebSocket handshake: Unexpected response code: 403

accompanying heroku logs:

2016-11-27T03:34:55.671996+00:00 heroku[router]: at=info method=GET path="/socket/websocket?token=undefined&vsn=1.0.0" host=myapp.com request_id=ab595797-26ab-4952-ac77-2ab31bf18384 fwd="50.159.116.207,50.159.116.207,108.162.245.248" dyno=web.1 connect=0ms service=1ms status=403 bytes=214
2016-11-27T03:34:55.661334+00:00 app[web.1]: This happens when you are attempting a socket connection to
2016-11-27T03:34:55.661335+00:00 app[web.1]: a different host than the one configured in your config/
2016-11-27T03:34:55.661321+00:00 app[web.1]: 03:34:55.661 [error] Could not check origin for Phoenix.Socket transport.
2016-11-27T03:34:55.661333+00:00 app[web.1]: 
2016-11-27T03:34:55.661347+00:00 app[web.1]: files. For example, in development the host is configured
2016-11-27T03:34:55.661348+00:00 app[web.1]: to "localhost" but you may be trying to access it from
2016-11-27T03:34:55.661349+00:00 app[web.1]: "127.0.0.1". To fix this issue, you may either:
2016-11-27T03:34:55.661350+00:00 app[web.1]:   1. update [url: [host: ...]] to your actual host in the
2016-11-27T03:34:55.661352+00:00 app[web.1]:      endpoint or when configuring the transport in your
2016-11-27T03:34:55.661351+00:00 app[web.1]:      config file for your current environment (recommended)
2016-11-27T03:34:55.661349+00:00 app[web.1]: 
2016-11-27T03:34:55.661351+00:00 app[web.1]: 
2016-11-27T03:34:55.661352+00:00 app[web.1]:   2. pass the :check_origin option when configuring your
2016-11-27T03:34:55.661354+00:00 app[web.1]:      are allowed:
2016-11-27T03:34:55.661355+00:00 app[web.1]: 
2016-11-27T03:34:55.661353+00:00 app[web.1]:      UserSocket module, explicitly outlining which origins
2016-11-27T03:34:55.661355+00:00 app[web.1]:         check_origin: ["https://example.com",
2016-11-27T03:34:55.661356+00:00 app[web.1]:                        "//another.com:888", "//other.com"]

---

I tried setting check_origin to false but it's not working either. The heroku logs don't show an error anymore when visiting myapp.com.

heroku[router]: at=info method=GET path="/socket/websocket?token=undefined&vsn=1.0.0" host=myapp.com request_id=379b61c9-94be-4a1c-ac43-419e9554ac51 fwd="2601:602:9301:2b00:3c91:6660:9593:ad2c,2601:0602:9301:2b00:3c91:6660:9593:ad2c,108.162.245.122" dyno=web.1 connect=1ms service=1ms status=400 bytes=119

but I'm still getting this in the JS console:

WebSocket connection to 'wss://myapp.com/socket/websocket?token=undefined&vsn=1.0.0' failed: Error during WebSocket handshake: Unexpected response code: 400

My full config for my app's endpoint

config :my_app, MyApp.Endpoint,
  http: [port: {:system, "PORT"}],
  url: [scheme: "https", host: "myapp.com", port: 443],
  check_origin: false,
  force_ssl: [rewrite_on: [:x_forwarded_proto]],
  cache_static_manifest: "priv/static/manifest.json",
  secret_key_base: System.get_env("SECRET_KEY_BASE")

edit : For what it's worth I'm using cloudflare for my dns and have the ssl option set to full.

---

edit 2 : I can load myapp.com if I keep check_origin: false in my config and I change my socket.js file from:

let socket = new Socket("/socket", {params: {token: window.userToken}})

to:

let socket = new Socket("wss://myapp.herokuapp.com/socket", {params: {token: window.userToken}})

Since I don't want to keep check_origin false I tried updating it to this:

url: [scheme: "https", host: "myapp.com", port: 443],
  check_origin: ["myapp.com", "myapp.herokuapp.com", "//myapp.com", "//myapp.herokuapp.com"],

After recompiling the app with these new settings it leaves me with this JS error in the console when I try to visit myapp.com:

WebSocket connection to 'wss://myapp.herokuapp.com/socket/websocket?token=undefined&vsn=1.0.0' failed: Error during WebSocket handshake: Unexpected response code: 503

Answer 1

First problem lies with using heroku and cloudflare. This article says it can't be done with a custom url, you can only use it with the default heroku url https://support.cloudflare.com/hc/en-us/articles/205893698-Configure-Cloudflare-and-Heroku-over-HTTPS

that said, without using cloudflare I was experiencing problems too. What worked for me was - set the check_origin parameter to the full path of the urls you are accessing. for me I was also using the www, so my config looked like this

url: [scheme: "https", host: "myapp.com", port: 443],
check_origin: [
  "https://myapp.com",
  "https://www.myapp.com"
],

(the rest of my config is just the same as yours)