godot icon indicating copy to clipboard operation
godot copied to clipboard

Published 20 hours ago verified publisher icon godotengine

Websockets not working correctly on Web

Open Swarkin opened this issue 1 year ago • 6 comments

Tested versions

4.3 4.3.dev2 4.3.custom_build.nothreads

System information

Any OS, wasm32

Issue description

Trying to use websockets always results in the error WebSocket connection to 'wss://srv.kackadu.de:25569/' failed:.

It works perfectly fine on any other platform's native builds.

Surprisingly, the server is accepting a connection, but the client never connects, resulting in an error on the server side as soon as the connection drops.

Steps to reproduce

  • Open Devtools
  • ~~Go to swarkin.github.io/wsclicker/~~ Not available anymore, the issue has been identified in this discussion.
  • Notice error in console WebSocket connection to 'wss://srv.kackadu.de:25569/' failed: with no information

Line where the connection is started: https://github.com/Swarkin/wsclicker/blob/main/client/client.gd#L35

Minimal reproduction project (MRP)

I do not have the time to make a MRP but this is the project that has the issue: https://github.com/Swarkin/wsclicker It is split into server and client folders and has an export configuration that is used for exporting. (Note: Exporting in release mode for web does not work and instead falls back to a debug build.)

Swarkin avatar Sep 22 '24 11:09 Swarkin

Someone suggested that to use SSL on web, I need to create custom certificates. The docs make no mention of this and I do not understand this process at all...

Swarkin avatar Sep 22 '24 11:09 Swarkin

Tried connecting to a https domain, same error but the connection fails immediately and nothing appears on the server.

Swarkin avatar Sep 22 '24 12:09 Swarkin

@Swarkin if your WebSocket server does not use TLS, you should connect using ws:// protocol instead of wss://

fuwaneko avatar Sep 22 '24 15:09 fuwaneko

@Swarkin if your WebSocket server does not use TLS, you should connect using ws:// protocol instead of wss://

The website that the Godot game is on uses https (secure context) so I am forced to use wss. I believe the error is from some misconfigured TLS thing but I have no idea.

Even if me not passing in any TLSOptions is the issue, i wouldn't understand why it does connect successfully for the server but not for the client. Furthermore, an useful error message would be more convenient than a generic "the connection failed" message.

Swarkin avatar Sep 22 '24 17:09 Swarkin

The website that the Godot game is on uses https (secure context) so I am forced to use wss. I believe the error is from some misconfigured TLS thing but I have no idea.

This is indeed a correct web browser behavior, only secure connections are allowed from secure environment. You, as a server owner, are obliged to properly set up TLS termination if you want to use TLS. This is neither Godot responsibility nor a bug. You can, for example, obtain a Let's Encrypt certificate and use it directly in your server code, there's a good example provided by Godot on how to do that.

Even if me not passing in any TLSOptions is the issue, i wouldn't understand why it does connect successfully for the server but not for the client.

The TCP connection is successful, but subsequently, a TLS handshake is expected by the client, which never happens.

Furthermore, an useful error message would be more convenient than a generic "the connection failed" message.

The error comes from a web browser, Godot has little control over it. Again, normal web browser behavior.

fuwaneko avatar Sep 22 '24 17:09 fuwaneko

My suggestion is to give out a warning when using a wss:/ url and not passing in any TLSOptions then. As you can see this behaviour is really confusing so I'd appreciate a short mention of it in the docs too.

Swarkin avatar Sep 22 '24 19:09 Swarkin

@fuwaneko I've been asking around in the Godot discord for days and no one is able to help, would you be willing to assist me to get this running? I have bought a domain and am tunneling it trough cloudflare for https and also have cloudflare as my dns. Please message me on discord as swark1n

Swarkin avatar Sep 24 '24 16:09 Swarkin

I have updated the issue description to better clarify what this issue is about.

Swarkin avatar Sep 26 '24 09:09 Swarkin

My suggestion is to give out a warning when using a wss:/ url and not passing in any TLSOptions then.

TLSOptions are not supported on the Web due to browser limitations (we should add a note about that in the docs).

The only solution is to use a valid certificate with a valid FQDN.

Faless avatar Sep 29 '24 13:09 Faless

TLSOptions are not supported on the Web due to browser limitations (we should add a note about that in the docs).

The TLSOptions class already notes that several methods don't have an effect on the web platform. Does this apply to the entirety of the TLSOptions class, or just those specific methods?

Calinou avatar Nov 08 '24 18:11 Calinou

Does this apply to the entirety of the TLSOptions class, or just those specific methods?

TLSOption is just a configuration, it's the classes that uses it that have the actual limitations.

In practice, TLSOption have no effect in any of the internal classes that use it (HTTPClient, HTTPRequest, WebSocket).

Faless avatar Nov 08 '24 18:11 Faless