Closed justindbaur closed 9 months ago
Checkmarx One – Scan Summary & Details – 39cf676f-408a-4527-842f-497fdf1d20dd
I am using the standard self-hosted linux install (not the unified beta) and have this same problem. Does this fix the issue there too?
I have the same log in web console as the OP of the issue
Error: WebSocket failed to connect. The connection could not be found on the server, either the endpoint may not be a SignalR endpoint, the connection ID is not present on the server, or there is a proxy blocking WebSockets. If you have multiple servers check that sticky sessions are enabled.
I am using the standard self-hosted linux install (not the unified beta) and have this same problem. Does this fix the issue there too?
I don't think that needs changing as the headers are set there: https://github.com/bitwarden/server/blob/35111382e5db60c18438f87195db66f589328db2/util/Setup/Templates/NginxConfig.hbs#L131-L138 If you check your bwdata/nginx/default.conf
file you should see the headers set for the /notifications/hub
and /notifications/anonymous-hub
locations.
That said, I'm also seeing the same error on non-unified (on all notifications). I can't find much info other than the APIs are returning 400 from bitwarden nginx log
192.168.1.1 - - [25/Jul/2023:18:09:00 +0000] "GET /notifications/hub?access_token=TOKEN HTTP/1.1" 400 33 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36" "192.168.1.1"
I believe this would fix bitwarden/server#3103, described in the PR, they are able to request it, receive it on their phone, confirm that request but their original client never gets told it completed. This would lend to 2 possible errors, their confirming client is never actually telling the server that it was confirmed or the server is not able to notify the originating client of the success. The following log makes me think the originating client isn't actually able to connect to the anonymous-hub (or even see it). Going by this config we have special rules for the existing
hub
but not this new one.