勇敢的浏览器盾牌阻止了我的网站
我遇到了一个烦人的问题,我一直在尝试在线搜索解决方案,但没有运气(如果我错过了一些东西,很高兴被指向资源)。
摘要
我的问题特别与勇敢的Web浏览器有关,它是本机的“ Brave Shield”阻止了我的后端Web插座,我怀疑这是由于“指纹”。
在所有其他浏览器上,我的网站都将加载,并且与我的后端Websocket的连接无问题。但是,随着勇敢的浏览器和勇敢的盾牌打开 - 客户拒绝连接到我的Websocket,并且控制台中没有出现错误来指示问题。
我还有其他第三方Websocket运行,无论勇敢的盾牌是否打开还是关闭,它们似乎都可以正常工作 - 导致我相信这可能与我创建的WebSocket服务器的方式有关吗?
网站: https://bitcoindashy.com 这与“ REKT”和“ CHAT”选项卡下显示的数据有关。
我的代码(服务器)
const https = require('https');
const {server} = require('ws');
const app = require(./app.js); // <-- app.js holds my express() server.
//ssl info//
const privateKey = fs.readFileSync(*omitted for privacy*)
const certificate = fs.readFileSync(*omitted for privacy*)
const credentials = {*omitted for privacy*}
const server = https.createServer(credentials, app).listen(PORT, () => {
console.log(`listening on port ${PORT}...`);
}
const wss = new Server({server}, {clientTracking: false});
我的代码(client)
const serverAddress = '***';
let liqWs = new WebSocket(serverAddress);
...
liqWs.onopen = (e) => console.log('testing for open') //<-- For testing
liqWs.onmessage = (e) => { *do something with the message* }
我尝试过的
- 尝试测试Web-socket连接并查看'网络'TAB在这两种情况下,勇敢的Sheild都在打开和关闭。
当勇敢的盾牌关闭时,连接出现并返回101的状态代码 - 一切都很好。
当勇敢的盾牌打开时,该连接根本不会出现在“网络”选项卡中 - 因此无法查看状态代码。
- 与勇敢的盾牌设置一起玩,以查看什么专门阻止了我的连接。
- 我发现,当我允许指纹打印时,连接可以建立,并且网站可以根据预期检索数据。
- 考虑到上述点,由于指纹识别,勇敢的浏览器似乎正在阻止我的Websocket。勇敢的人认为我的Websocket可以用于跟踪用户,因此正在阻止连接。
- 因此,在我的代码中,我尝试了以下内容:
const wss = new Server({server},{client tracking:false});。正如WS文档所指出的那样,客户端跟踪选项将允许我指定我是否希望跟踪用户。这仍然不起作用。
- 如果您在上面查看我的客户端代码剪切 - 我纯粹是用于测试的.Onopen事件侦听器。
- 当勇敢的盾牌关闭时,控制台日志“打开测试”将按预期进行登录。
- 当勇敢的盾牌打开时,没有控制台日志 - 考虑到这一点,我知道Websocket根本没有打开。
我想以前有人遇到过这个问题。解决方法是禁用勇敢的盾牌,但是这不是一个可行的解决方案,因为我的网站的访问者不必这样做,并且默认情况下启用了勇敢的盾牌,这是一个很大的不便。
如果我错过了任何重要信息,请告诉我。
I've come across an annoying problem and I've been trying to search for a solution online but no luck (happy to be pointed to a resource if I've missed something).
Summary
My problem relates specifically to the Brave web-browser and it's native 'Brave Shield' blocking my back-end web-socket which I suspect is due to 'fingerprinting'.
On all other browsers, my website will load, and a connection to my back-end websocket is made with no issues. However, with the Brave Browser and the Brave Shield turned on - the client refuses to connect to my websocket and there's no errors presenting in the console to indicate an issue.
I have other 3rd party websockets running and they seem to work perfectly regardless of whether the Brave Shield is on or off - leading me to believe it could be something to do with the way I've created my websocket server?
The website: https://bitcoindashy.com
This relates to the data which shows under the 'rekt' and 'chat' tabs.
My code (server)
const https = require('https');
const {server} = require('ws');
const app = require(./app.js); // <-- app.js holds my express() server.
//ssl info//
const privateKey = fs.readFileSync(*omitted for privacy*)
const certificate = fs.readFileSync(*omitted for privacy*)
const credentials = {*omitted for privacy*}
const server = https.createServer(credentials, app).listen(PORT, () => {
console.log(`listening on port ${PORT}...`);
}
const wss = new Server({server}, {clientTracking: false});
My code (client)
const serverAddress = '***';
let liqWs = new WebSocket(serverAddress);
...
liqWs.onopen = (e) => console.log('testing for open') //<-- For testing
liqWs.onmessage = (e) => { *do something with the message* }
What I've tried
- Tried testing the web-socket connection and viewing the 'network' tab in both cases where the Brave Sheild is both on, and off.
When the Brave Shield is OFF, the connection appears and returns a status code of 101 - all good.
When the brave shield is ON, the connection does not appear in the network tab at all - thus not able to view a status code.
- Played around with the Brave Shield settings to see what specifically is blocking my connection.
- I discovered that when I ALLOW fingerprinting, the connection can establish and the website retrieves data as expected.
- With the above point in mind, it seems that Brave Browser is blocking my websocket due to fingerprinting. Brave believes that my websocket may be used to track the user, and therefore is blocking the connection.
- Within my code, I therefore tried the following:
const wss = new Server({server}, {clientTracking: false});. As the ws documentation states that the clientTracking option would allow me to specify whether or not I wish to track users. This still did not work.
- If you look at my client-side code snip above - I added an .onopen event listener purely for testing.
- When the Brave Shield is OFF, the console log 'testing for open' will log as expected.
- When the Brave Shield is ON, there is no console log - with this in mind, I know that the websocket is not opening at all.
I imagine someone else has come across this problem before. A workaround is to just disable to Brave Shield, however this isn't a feasible solution as visitors of my site shouldn't have to do this and seeing as the Brave Shield is enabled by default, this is a major inconvenience.
If I have missed out any vital information, please let me know.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如果将来有人遇到这种情况 - 问题是我打开的网站插款比打开的勇敢盾牌所允许的允许,特别是指纹阻塞。勇敢的团队很快发现与我的代码无关的问题。
当限制为10时,我正同时打开14个同时的Websocket。
If anyone should come across this situation in the future - The issue was I opening more WebSockets than was permitted with the Brave Shield turned on, specifically fingerprint blocking. The team at Brave were quick to discover the issue which did not relate to my code.
I was opening 14 simultaneous websockets when the limit was 10. Brave is increasing this limit to 30 in an upcoming release (1.40.x).