use 'wss' connection from page served over http

the following code in "lib/socket.io/transports/websocket.js" returns a location header with the 'ws' scheme if the origin is not https, regardless of whether the websocket was opened with a 'wss' scheme:

 var origin = this.request.headers.origin,
       location = (origin && origin.substr(0, 5) == 'https' ? 'wss' : 'ws')
                   + '://' + this.request.headers.host + this.request.url;

i couldn't find anything in the websocket spec that disallows using 'wss' websocket connections from pages server over http, and in chromium this results in:

Error during WebSocket handshake: location mismatch: wss://hostname:port//node.js/realtime/websocket != ws://hostname:port//node.js/realtime/websocket

if i missed something, and the spec doesn't allow this, so be it. if not, i'm happy to work up a patch that allows the websocket data to use a tunnel even if the page html doesn't. (yes, there are use cases for this, as the network the html travels over may be trusted, while the websocket data may use a different, untrusted network.)

[madari]

Surely the spec allows it. Socket.IO-node should check if the connection is made using TLS instead of trying to determine the type of the websocket connection from the origin.

[arenstar]

Can we somehow fix this.. im getting the same error
and websockets do not function anymore ( since i changed to ssl)

All of my services are SSL..
but i often act as a 3rd party for delivering information on behalf of our clients..
i am unable to fix this problem..

Any suggestions on a fix???

please

ok, i'll have a go at a patch for this. thanks for the replies.

here's a one-line fix for this issue:

var origin = this.request.headers.origin,
       location = (this.request.socket.encrypted ? 'wss' : 'ws')
                   + '://' + this.request.headers.host + this.request.url;

[nh2]

I need this as well.

[parshap]

This fix was applied as a part of #180 and this ticket should be closed.

closing...