Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Session cookie triggers failure on websocket connection upgrade

See original GitHub issue

Hi,

When enabling the session cookie on an app, if a websocket connection upgrade is made, then we seem to fall into a an assertion failuire:

Traceback (most recent call last):
  File ".venv/lib/python3.7/site-packages/uvicorn/protocols/websockets/websockets_impl.py", line 146, in run_asgi
    asgi = self.app(self.scope)
  File ".venv/lib/python3.7/site-packages/starlette/applications.py", line 134, in __call__
    return self.error_middleware(scope)
  File ".venv/lib/python3.7/site-packages/starlette/middleware/errors.py", line 88, in __call__
    return self.app(scope)
  File ".venv/lib/python3.7/site-packages/uvicorn/middleware/proxy_headers.py", line 37, in __call__
    return self.app(scope)
  File ".venv/lib/python3.7/site-packages/starlette/middleware/base.py", line 22, in __call__
    return self.app(scope)
  File ".venv/lib/python3.7/site-packages/starlette/middleware/base.py", line 22, in __call__
    return self.app(scope)
  File ".venv/lib/python3.7/site-packages/starlette/exceptions.py", line 49, in __call__
    return self.app(scope)
  File ".venv/lib/python3.7/site-packages/starlette/routing.py", line 587, in __call__
    return route(scope)
  File ".venv/lib/python3.7/site-packages/starlette/routing.py", line 356, in __call__
    return self.app(scope)
  File ".venv/lib/python3.7/site-packages/starlette/applications.py", line 134, in __call__
    return self.error_middleware(scope)
  File ".venv/lib/python3.7/site-packages/starlette/middleware/errors.py", line 88, in __call__
    return self.app(scope)
  File ".venv/lib/python3.7/site-packages/starlette/middleware/sessions.py", line 34, in __call__
    request = Request(scope)
  File ".venv/lib/python3.7/site-packages/starlette/requests.py", line 128, in __init__
    assert scope["type"] == "http"

I think the issue is that the session middleware doesn’t coimplain when the request type is both http and websocket: https://github.com/encode/starlette/blob/master/starlette/middleware/sessions.py#L32

But right after, creates a Request from the scope when, itself assert only http: https://github.com/encode/starlette/blob/master/starlette/requests.py#L128

Issue Analytics

State:
Created 4 years ago
Reactions:1
Comments:9 (4 by maintainers)

Top GitHub Comments

1reaction

tomchristiecommented, Aug 16, 2019

#597 is the correct resolution to this.

0reactions

tomchristiecommented, Aug 16, 2019

Released as 0.12.8

Top Results From Across the Web

Troubleshooting connection issues | Socket.IO

You are trying to reach a plain WebSocket server; The server is not reachable; The client is not compatible with the version of...

How do I make Chrome send cookies with WebSocket ...

In my websocket-sharp client, I explicitly set the cookie before opening the connection, and it works as expected. Chrome never sends cookies ......

Examples — websocket-client 1.4.2 documentation

If you want to connect to a websocket without writing any code yourself, ... Origin, and Cookies headers being set, while the Sec-WebSocket-Protocol...

26. WebSocket Support - Spring

The best fit for WebSocket is in web applications where the client and server need ... the WebSocket session with status 1011 that...

WebSockets tutorial: How to go real-time with Node and React

Once the server and client both have their handshakes in, ... the WebSocket upgrade has failed, and the normal HTTP semantics will be ......