Describe the bug
GCP LoadBalancing does not support HTTP/2 WebSockets (see issue). This prevents us from accessing ReverseShells via GCP:
gRPC streaming requires HTTP/2, meaning we enable H2C for Cloud Run
Chrome will send WebSocket requests via HTTP/2, since now the LB will advertise support for HTTP/2
There does not appear to be a way to force Chrome to use HTTP/1.1 for WebSockets, short of using some chrome://flags (possibly)
GCP LoadBalancers do not have support for WebSockets over HTTP/2, resulting in a 503 when attempting to open a WebSocket
To Reproduce
Deploy Tavern to GCP using default terraform
Enable H2C e2e on the tavern Cloud Run Deployment
Create a Reverse Shell (e.g. using the ReverseShell Tome)
Attempt to connect to the reverse shell via WebSocket
Expected behavior
A nice PTY for interacting with the Reverse Shell
Desktop (please complete the following information):
OS: macOS Version 14.2.1
Browser: Google Chrome 122.0.6261.112 9d4c1072da62b411b351a38b9ed6214ab236aa7b-refs/branch-heads/6261@{#1015}
Version: Realm v0.1.0
Additional context
It's likely we'll need to migrate away from WebSockets to solve the issue, unless the above BugTracker is resolved. This could mean using gRPC HTTP/2 bidirectional streaming in the browser in place of a websocket.
Describe the bug GCP LoadBalancing does not support HTTP/2 WebSockets (see issue). This prevents us from accessing ReverseShells via GCP:
To Reproduce
ReverseShell
Tome)Expected behavior A nice PTY for interacting with the Reverse Shell
Desktop (please complete the following information):
Additional context It's likely we'll need to migrate away from WebSockets to solve the issue, unless the above BugTracker is resolved. This could mean using gRPC HTTP/2 bidirectional streaming in the browser in place of a websocket.