[SOLVED] Brave Browser Shields blocking my Websocket

Brave Browser Shields blocking my Websocket

I've come across an annoying problem and I've been trying to search for a solution online but no luck (happy to be pointed to a resource if I've missed something).

Summary

My problem relates specifically to the Brave web-browser and it's native 'Brave Shield' blocking my back-end web-socket which I suspect is due to 'fingerprinting'.

On all other browsers, my website will load, and a connection to my back-end websocket is made with no issues. However, with the Brave Browser and the Brave Shield turned on - the client refuses to connect to my websocket and there's no errors presenting in the console to indicate an issue.

I have other 3rd party websockets running and they seem to work perfectly regardless of whether the Brave Shield is on or off - leading me to believe it could be something to do with the way I've created my websocket server?

The website: https://bitcoindashy.com This relates to the data which shows under the 'rekt' and 'chat' tabs.

My code (server)

const https = require('https');
const {server} = require('ws');
const app = require(./app.js);  // <-- app.js holds my express() server.

//ssl info//
const privateKey  = fs.readFileSync(*omitted for privacy*)
const certificate = fs.readFileSync(*omitted for privacy*)
const credentials = {*omitted for privacy*}

const server = https.createServer(credentials, app).listen(PORT, () => {
  console.log(`listening on port ${PORT}...`);
}

const wss = new Server({server}, {clientTracking: false});

My code (client)

const serverAddress = '***';
let liqWs = new WebSocket(serverAddress);

...
liqWs.onopen = (e) => console.log('testing for open') //<-- For testing

liqWs.onmessage = (e) => { *do something with the message* }

What I've tried

Tried testing the web-socket connection and viewing the 'network' tab in both cases where the Brave Sheild is both on, and off.

When the Brave Shield is OFF, the connection appears and returns a status code of 101 - all good.
When the brave shield is ON, the connection does not appear in the network tab at all - thus not able to view a status code.

Played around with the Brave Shield settings to see what specifically is blocking my connection.

I discovered that when I ALLOW fingerprinting, the connection can establish and the website retrieves data as expected.

With the above point in mind, it seems that Brave Browser is blocking my websocket due to fingerprinting. Brave believes that my websocket may be used to track the user, and therefore is blocking the connection.

Within my code, I therefore tried the following: const wss = new Server({server}, {clientTracking: false});. As the ws documentation states that the clientTracking option would allow me to specify whether or not I wish to track users. This still did not work.

If you look at my client-side code snip above - I added an .onopen event listener purely for testing.

When the Brave Shield is OFF, the console log 'testing for open' will log as expected.
When the Brave Shield is ON, there is no console log - with this in mind, I know that the websocket is not opening at all.

I imagine someone else has come across this problem before. A workaround is to just disable to Brave Shield, however this isn't a feasible solution as visitors of my site shouldn't have to do this and seeing as the Brave Shield is enabled by default, this is a major inconvenience.

If I have missed out any vital information, please let me know.

Solution

If anyone should come across this situation in the future - The issue was I opening more WebSockets than was permitted with the Brave Shield turned on, specifically fingerprint blocking. The team at Brave were quick to discover the issue which did not relate to my code.

I was opening 14 simultaneous websockets when the limit was 10. Brave is increasing this limit to 30 in an upcoming release (1.40.x).