[winswitch] HTML5 client with secure websockets

Antoine Martin antoine at nagafix.co.uk
Sat Sep 3 05:41:27 BST 2016


On 03/09/16 07:26, Mukul Agrawal via shifter-users wrote:
> Another question with respect to HTML5 cleint.
> Would it work with ssl instead of TCP?
I guess you meant https / wss.

> I got the basic ssl setup done fine ... meaning I can connect using
the client program.
> I would like to wrap this up in the websocket protocol if possible?
There is a ticket for this, but I'm not sure how feasible it is to have
SSL for both xpra and http due to some python ssl API restrictions:
http://xpra.org/trac/ticket/1213

> And second question :
> If a firewall on the client side is stopping the ssl traffic to the
server, would it obviously block the secure websocket traffic to same
server as well?
That sounds likely.
How does your firewall decide to block this traffic?
Layer-7 filtering doesn't really work for SSL traffic, only for the
initial certificate exchange which is plain text.
And if it is just based on port numbers, why would it care what sort of
traffic flows on that port?

> Or is that not a necessity? Firewall does not block ssh connection to same server but it does block tcp or ssl (both on port 80).
Well, you will obviously need a port to connect to.
So either open one up (ie: 443) or use an existing one.

It might even be possible to use xpra on port 22 and forward ssh traffic
to a tcp-proxy so you can have both on the same port (untested).
But if something goes wrong... you would lose the ability to login via ssh..

Cheers
Antoine

>  Regards, 
> Mukul ( https://sites.google.com/site/mukulagrawal )
> _______________________________________________
> shifter-users mailing list
> shifter-users at lists.devloop.org.uk
> http://lists.devloop.org.uk/mailman/listinfo/shifter-users
> 




More information about the shifter-users mailing list