AuthorizedHandler阻止了错误的请求!url: / socket . io /

AuthorizedHandler Blocked wrong request! url: /socket.io/

本文关键字:url socket io 请求 错误 AuthorizedHandler      更新时间:2023-09-26

我正在使用mrniko/netty-socketio (Java)启动一个websocket服务器,像这样:

config = new Configuration();
config.setHostname("localhost");
config.setPort(8001);
server = new SocketIOServer(config);
server.addListeners(serviceClass);
server.start();

然后我使用(推荐的)socketio/socket。io-client (JavaScript)尝试像这样连接到websocket服务器(都在同一台服务器上):

var socket = io("http://localhost:8001");

连接在服务器端被"阻塞",服务器端打印:

8239 [nioEventLoopGroup-5-1] WARN com.corundumstudio.socketio.handler.AuthorizeHandler  - Blocked wrong request! url: /socket.io/, ip: /127.0.0.1:48915
28889 [nioEventLoopGroup-5-2] WARN com.corundumstudio.socketio.handler.AuthorizeHandler  - Blocked wrong request! url: /socket.io/, ip: /127.0.0.1:48916

当客户端继续重试连接时,该操作会不断发生。

我似乎无法让服务器接受连接。我试过:

var socket = io("ws://localhost:8001");

但结果是一样的。对于这两种情况,我也试过在URL后面放一个斜杠——没有区别。我还尝试了在服务器和客户端同时使用"localhost"或"127.0.0.1"的所有组合,等等。

JavaScript页面本身是从localhost:8000上的http服务器提供的。这似乎不是一个跨站点问题,因为它在浏览器上给出了一个完全不同的错误。

有谁知道什么是错的,如何解决它?

在我的例子中,网络监控每10秒访问该端口一次。我暂时更改了log4j。属性转换为ERROR级别的日志记录,但希望为网络提供一种不会导致过多警告日志记录的路径。我不确定这是否是最好的方法,但这就是我最终所做的。

config.setAllowCustomRequests(真正的);通过允许自定义请求,显示警告的代码片段在Authorizehandler中被绕过。

我创建了一个自定义管道,它允许我用一个自定义的管道来切换wrongUrlHandler,以允许一个安全的路径用于监控。

public class CustomSocketIOChannelInitializer extends SocketIOChannelInitializer {
   CustomWrongUrlHandler customWrongUrlHandler = null;
   public CustomSocketIOChannelInitializer(Configuration configuration) {
      customWrongUrlHandler = new CustomWrongUrlHandler(configuration);
   }
   protected void initChannel(Channel ch) throws Exception {
       ChannelPipeline pipeline = ch.pipeline();
       addSslHandler(pipeline);
       addSocketioHandlers(pipeline);
       // Replace wrong url handler with our custom one to allow network monitoring without logging warnings.
       pipeline.replace(SocketIOChannelInitializer.WRONG_URL_HANDLER, "CUSTOM_WRONG_URL_HANDLER", customWrongUrlHandler);
   }

这是我的自定义处理程序:

@Sharable
public class CustomWrongUrlHandler extends ChannelInboundHandlerAdapter {
    private final Logger log = LoggerFactory.getLogger(getClass());
    Configuration configuration = null;
    /**
    * @param configuration
    */
   public CustomWrongUrlHandler(Configuration configuration) {
       this.configuration = configuration;
    }
    @Override
    public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {
       if (msg instanceof FullHttpRequest) {
          FullHttpRequest req = (FullHttpRequest) msg;
          Channel channel = ctx.channel();
          QueryStringDecoder queryDecoder = new QueryStringDecoder(req.getUri());
          // Don't log when port is pinged for monitoring. Must use context that starts with /ping.
          if (configuration.isAllowCustomRequests() && queryDecoder.path().startsWith("/ping")) {
              HttpResponse res = new DefaultHttpResponse(HTTP_1_1, HttpResponseStatus.BAD_REQUEST);
              channel.writeAndFlush(res).addListener(ChannelFutureListener.CLOSE);
              req.release();
              //log.info("Blocked wrong request! url: {}, ip: {}", queryDecoder.path(), channel.remoteAddress());
              return;
          } 
          // This is the last channel handler in the pipe so if it is not ping then log warning.
          HttpResponse res = new DefaultHttpResponse(HTTP_1_1, HttpResponseStatus.BAD_REQUEST);
          ChannelFuture f = channel.writeAndFlush(res);
          f.addListener(ChannelFutureListener.CLOSE);
          req.release();
          log.warn("Blocked wrong socket.io-context request! url: {}, params: {}, ip: {}", channel.remoteAddress() + " " + queryDecoder.path(), queryDecoder.parameters());
      }
    }
}

 CustomSocketIOChannelInitializer customSocketIOChannelInitializer = new CustomSocketIOChannelInitializer(config);
  server.setPipelineFactory(customSocketIOChannelInitializer);
相关文章: