Websocket problem in https

asked 2019-10-11 16:03:28 +0800

mperezro1 gravatar image mperezro1 flag of Spain

I'm testing the example in "https:\github.com/zkoss-demo/zkwebsocket-demo.git" with https and in the js console it appears to me that you are trying to use ws instead of wss:

zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:1211 Mixed Content: The page at 'https:\appm.dipalme.org/planes/ws.zul' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://appm.dipalme.org/planes/zkwm?dtid=z_nke'. This request has been blocked; this endpoint must be available over WSS. start @ zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:1211 zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:1211 Uncaught DOMException: Failed to construct 'WebSocket': An insecure WebSocket connection may not be initiated from a page loaded over HTTPS. at Object.start (https:\appm.dipalme.org/planes/zkau/web/3e71b58b/js/zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:1211:348) at eval (eval at <anonymous> (https:\appm.dipalme.org/planes/zkau/web/3e71b58b/js/zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:52:35), <anonymous>:1:38) at Function.afterLoad (https:\appm.dipalme.org/planes/zkau/web/3e71b58b/js/zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:509:35) at eval (eval at <anonymous> (https:\appm.dipalme.org/planes/zkau/web/3e71b58b/js/zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:52:35), <anonymous>:1:4) at eval (<anonymous>) at https:\appm.dipalme.org/planes/zkau/web/3e71b58b/js/zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:52:35 at Function.globalEval (https:\appm.dipalme.org/planes/zkau/web/3e71b58b/js/zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:52:46) at Object.script (https:\appm.dipalme.org/planes/zkau/web/3e71b58b/js/zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:573:415) at m (https:\appm.dipalme.org/planes/zkau/web/3e71b58b/js/zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:549:357) at Object.process (https:\appm.dipalme.org/planes/zkau/web/3e71b58b/js/zk.wpd;jsessionid=FE053024D8A6135DD6C4877CA9C70B4E:558:405)

delete flag offensive retag edit

1 Answer

Sort by ยป oldest newest most voted

answered 2019-10-14 10:56:15 +0800

cor3000 gravatar image cor3000
4887 2 7
ZK Team

ZK follows what the information the webserver (tomcat, jetty ...) provides.

Whether to use ws: or wss: is determined at server side from

((HttpServletRequest) exec.getNativeRequest()).isSecure()

Depending on your https+appserver configuration this flag is either true or false. In tomcat this can be controlled as described here:


However there are other ways HTTPS can be setup (tomcat reverse proxy, AJP, nginx, jetty, weblogic), in the end what matters to ZK is the return value of isSecure().

BTW our online demo uses https/wss as well and it works: https://www.zkoss.org/zkdemo/server_push/websocket

However the server configuration might again be different to what you need, if you can be more specific on your configuration we might be able to give a hint what's missing.

link publish delete flag offensive edit
Your answer
Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Question tools

1 follower



Asked: 2019-10-11 16:03:28 +0800

Seen: 11 times

Last updated: Oct 14

Support Options
  • Email Support
  • Training
  • Consulting
  • Outsourcing
Learn More