[OPENIG-4190] A WebSocket Origin header is missing the scheme from the URL - ForgeRock JIRA

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 6.0.0, 6.1.0, 6.5.0, 6.5.1, 6.5.2, 7.0.0
Fix Version/s: 6.5.3, 7.0.0
Component/s: WebSocket
Labels:
- PICKERING
- release-notes
Environment:
IG making notification requests to AM

Support Ticket IDs:

Story Points:
1

Description

Example wireshark capture from an IG notification request to AM:

Frame 2305: 460 bytes on wire (3680 bits), 460 bytes captured (3680 bits) on interface 0
Null/Loopback
Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1
Transmission Control Protocol, Src Port: 53520, Dst Port: 8080, Seq: 1, Ack: 1, Len: 404
Hypertext Transfer Protocol
    GET /openam/notifications HTTP/1.1\r\n
    Connection: Upgrade\r\n
    Host: openam.example.com:8080\r\n
    iPlanetDirectoryPro: GgsTTlY0mc5W5BPFzkeFmHuZ0So.*AAJTSQACMDEAAlNLABxEQ3phaFdyVzJhTGIydkx1dUZ0VWJ6a0NNMmM9AAR0eXBlAANDVFMAAlMxAAA.*\r\n
    Origin: openam.example.com:8080\r\n
    Sec-WebSocket-Key: b9KogqU4vhwHxPt8kf6JLQ==\r\n
    Sec-WebSocket-Protocol: v1.notifications.forgerock.org\r\n
    Sec-WebSocket-Version: 13\r\n
    Upgrade: websocket\r\n
    \r\n
    [Full request URI: http://openam.example.com:8080/openam/notifications]
    [HTTP request 1/1]
    [Response in frame: 2307]

The Origin header is missing the scheme: Origin: openam.example.com:8080

The Tyrus third-party library used by IG has this fixed in v1.14, covered by https://github.com/eclipse-ee4j/tyrus/issues/611

Attachments

Activity

People

Assignee:: Mark de Reeper

Reporter:: Mark de Reeper

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2019-12-11 9:36 PM

Updated:: 2020-08-19 9:14 AM

Resolved:: 2019-12-15 11:15 PM