dstotijn / hetty

An HTTP toolkit for security research.
https://hetty.xyz
MIT License

Fix WebSockets in `proxy` package #6

Open dstotijn opened 3 years ago

dstotijn commented 3 years ago

Proxying WebSockets (e.g. the upgrade process and handling frames) is not working at all. Should check if it's feasible with httputil.ReverseProxy and what the solution can be.

ubogdan commented 3 years ago

Why don't you use github.com/gorilla/websocket?

dstotijn commented 3 years ago

AFAIK, that package is for managing WS conns with a client, I'm not sure if it helps with MITM proxying between a client and a server. But if you have ideas on how to implement it in the proxy package of Hetty, let me know!

ubogdan commented 3 years ago

I can give it a try if you want. And yes, the httputil package seems to have support for websocket.

ubogdan commented 3 years ago

I've got it into a working state. See github.com/ubogdan/hetty. Please let me know where the websocket communication should be stored, since we have requests and responses.

ubogdan commented 3 years ago

websocket.go may require a rewrite since it's very messy at this time. The returning header may be important since websocket has a text protocol and a binary protocol. See gorilla/websocket as a reference.

dstotijn commented 3 years ago

> I've got it into a working state. See github.com/ubogdan/hetty. Please let me know where the websocket communication should be stored, since we have requests and responses.

Wow, nice! I'll have a look later this week, but quickly thinking about it: we probably need to first make some changes to the proxy package, e.g. add additional middleware for WS frames in addition to these. After that, we can then update the reqlog package and implement the middleware to log WS frame content (e.g. URL, direction, body) to the database.

I'll circle back later this week to propose how to fit it in, OK?

ubogdan commented 3 years ago

OK. Take your time.

dstotijn commented 3 years ago

Not sure if these are suitable for MITM, but maybe https://github.com/koding/websocketproxy and https://github.com/yhat/wsutil/blob/master/wsutil.go can be helpful to look into.

ubogdan commented 3 years ago

@dstotijn Both packages do a Connection Upgrade and join the connections, but they have 0 knowledge of the data they pass in or out. I guess the scope of hetty is to be able to view the WebSocket messages, not only to let them pass.

zevlag commented 3 years ago

I agree, viewing and editing individual web socket messages would be completely in scope, appropriate, and useful.

ubogdan commented 3 years ago

@dstotijn I guess there is no update for the interceptor module or a place where I can connect the WebSocket decoder in order to store the communication into the database.
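
Added example, not part of the thread and not code from Hetty or ubogdan's fork: a minimal RFC 6455 frame decoder in Go, showing the per-frame visibility (text vs. binary opcode, direction via the mask bit, unmasked payload) that the connection-joining proxies discussed above lack. The names `Frame`, `ReadFrame` and `maxPayload` are assumptions, and the sample bytes are constructed.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
)

// Frame is one decoded RFC 6455 frame (hypothetical type, not part of Hetty).
type Frame struct {
	Fin, Masked bool   // Masked is set on client-to-server frames
	Opcode      byte   // 0x1 text, 0x2 binary, 0x8 close, 0x9 ping, 0xA pong
	Payload     []byte // payload after unmasking
}
const maxPayload = 1 << 20 // assumed cap so a hostile length field cannot exhaust memory
// ReadFrame decodes one frame from r; callers must check err before using f.
func ReadFrame(r io.Reader) (f Frame, err error) {
	read := func(n uint64) []byte { // reads exactly n bytes; keeps the first error
		b := make([]byte, n)
		if err == nil {
			_, err = io.ReadFull(r, b)
		}
		return b
	}
	h := read(2)
	f.Fin, f.Masked, f.Opcode = h[0]&0x80 != 0, h[1]&0x80 != 0, h[0]&0x0F
	n := uint64(h[1] & 0x7F)
	if n >= 126 { // extended length: 2 bytes follow for 126, 8 bytes for 127
		ext := read(2 + 6*(n-126))
		n = 0
		for _, b := range ext {
			n = n<<8 | uint64(b)
		}
	}
	if n > maxPayload { // checked before the payload buffer is allocated
		return f, fmt.Errorf("frame length %d exceeds limit %d", n, maxPayload)
	}
	var key [4]byte // stays zero for unmasked (server-to-client) frames
	copy(key[:], read(4*uint64(h[1]>>7)))
	f.Payload = read(n)
	for i := range f.Payload {
		f.Payload[i] ^= key[i%4] // unmasking per RFC 6455 section 5.3
	}
	return f, err
}

func main() { // constructed sample: masked client text frame carrying "Hello"
	f, err := ReadFrame(bytes.NewReader([]byte{0x81, 0x85, 0x37, 0xfa, 0x21, 0x3d, 0x7f, 0x9f, 0x4d, 0x51, 0x58}))
	fmt.Printf("opcode=%#x masked=%v payload=%q err=%v\n", f.Opcode, f.Masked, f.Payload, err)
}
```

Fragmented messages (`Fin` false) and frames with a reserved bit set, such as payloads compressed under a negotiated extension, need further handling before the body can be logged.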