#1 2018-07-07 00:29:31

dualarrow
Member
From: Australia
Registered: 2018-06-28
Posts: 21

Can callback be done over https ?

I now have an https connection and I'd like to be able to do callbacks on it. From the documentation, the callbacks need websockets, but websockets are not available on http.sys which is how I'm doing https.

Is there a way to do callbacks over an https connection or is this not possible at this time ?

Offline

#2 2018-07-07 19:13:25

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,659
Website

Re: Can callback be done over https ?

It is not directly possible.

But what we do on production (even on a Linux server with the executable compiled with FPC/Lazarus) is to have a nginx front-end with the following configuration:

    # redirect WebSockets
    location /api/ws {
        proxy_pass http://127.0.0.1:1234;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host domain.name;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # redirect to REST services
    location /api/ {
        proxy_cache off;
        proxy_pass http://127.0.0.1:1324;
        proxy_http_version 1.0;
        proxy_set_header Host domain.name;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

Note that "wss" is the same than ws (websockets) from a https initial connection i.e. over TLS.

But in practice, you only need wss with a JSON websocket, from a browser.
For a Delphi/FPC client, it is perfectly safe to use plain http/ws since the binary websockets are encrypted themselves using a shared private secret key.

Offline

Board footer

Powered by FluxBB