ssl, websocket, tomcat7

WebSocket connection fails on Chrome without SSL


I'm setting up a WebSocket between a standard web page and a Tomcat v7.0.62 server. The connection works fine with Tomcat SSL turned on/off on Firefox, Edge and IE11. However, in Chrome (v66.03), the websocket only connects when I've turned on SSL on the server and connect via https. In Chrome, when I turn SSL off on the server and try to connect via http, it throws an error.

Here's the error Chrome throws when trying to connect via http with SSL turned off on Tomcat...

Error in connection establishment: net::ERR_PROXY_AUTH_REQUESTED_WITH_NO_CONNECTION

Here's my WebSocket connection code on the client...

var wss = "wss://";
if (document.location.protocol === "http:") {
   wss = "ws://";
}
var wsURL = wss + document.location.host + "/status?sessionId=<%=session.getId()%>";

Is this something Chrome-specific that needs special code on non-https websocket connections?


Solution

  • This is a Chrome-specific behavior. Chrome doesn't allow unsecure websocket (ws) connections to localhost (only wss, so you should set up a TLS certificate for your local web/websocket server). But the same should work without any issues in Firefox and other browsers.

    Please refer to the Chrome bug report on Chromium regarding this issue. This particular problem is intentional, and they have made this change to make Chrome more secure by preventing attacks against internal network devices and processes listening on localhost.

    https://bugs.chromium.org/p/chromium/issues/detail?id=378566
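
One way to follow the answer's advice on Tomcat 7, shown as an added example that is not part of the original answer: a self-signed keystore for localhost plus an HTTPS connector in conf/server.xml. The keystore path, alias, password and port 8443 are assumptions chosen for illustration.

```xml
<!--
  Step 1 (run once, from CATALINA_BASE): create a self-signed key pair
  whose certificate names localhost. Path, alias and password are
  placeholders, not values from the original post.

    keytool -genkeypair -alias tomcat-dev -keyalg RSA -keysize 2048 \
            -validity 365 -dname "CN=localhost" \
            -ext SAN=dns:localhost,ip:127.0.0.1 \
            -keystore conf/localhost-dev.jks -storepass CHANGE_ME

  Step 2: add this connector inside the <Service> element of
  conf/server.xml. A relative keystoreFile is resolved against
  CATALINA_BASE.
-->
<Connector port="8443"
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           SSLEnabled="true"
           scheme="https"
           secure="true"
           clientAuth="false"
           sslProtocol="TLS"
           sslEnabledProtocols="TLSv1.2"
           keystoreFile="conf/localhost-dev.jks"
           keystorePass="CHANGE_ME"
           keyAlias="tomcat-dev" />

<!--
  Step 3: load the page from https://localhost:8443/ so that
  document.location.protocol is "https:" and the client code in the
  question selects "wss://" for the /status endpoint.
-->
```

The browser has to trust the self-signed certificate before the wss handshake can succeed, so accept it on the https page (or import it into the local trust store) first. Keep this keystore for development only and use a CA-issued certificate on any shared or production host.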