Location MisMatch on Secure WebSockets

[amark]

When the client has
new io.Socket(null, {secure: true});
And the server has
credentials = crypto.createCredentials({...});
server = http.createServer(function(req,res){...});
server.setSecure(credentials);
server.listen(8080);
io.listen(server).on('connection', function(client){...});

Browse https://localhost:8080/
Using XHR-Multipart there is a secure connection, no problem.
Using WebSockets there is a Error during WebSocket handshake: location mismatch: wss://localhost:8080/socket.io/websocket != ws://localhost:8080/socket.io/websocket.
And nothing works.

If I change the client to "secure: false" then no error is reported, but nothing works.

[mlangenberg]

+1 I am running into the same issue.

Is the problem perhaps that the node server is returning 'ws://...' instead of 'wss://...'?

[amark]

That is what I thought, but when I look at the socket.io-Node websocket.js transport file, line 41 it has a check for if "https" and then return "wss".

[mlangenberg]

Do you think this could be "fixed" by using NginX as an SSL proxy in front of Node?

[mlangenberg]

Faye has the very same issue, and I found the solution for this problem lying in the serverside handshake code. The server returned a ws:// URL even when the client connected throug a wss:// URL. I suspect the same applies to Socket.IO.

[amark]

but why doesn't the ternary operator work to deliver wss:// if https:// ?

[mlangenberg]

Because you might connect to a secure WebSocket from a non-secure webpage.