Test a WebSocket using curl.

curl-websocket.sh

curl --include \
     --no-buffer \
     --header "Connection: Upgrade" \
     --header "Upgrade: websocket" \
     --header "Host: example.com:80" \
     --header "Origin: http://example.com:80" \
     --header "Sec-WebSocket-Key: SGVsbG8sIHdvcmxkIQ==" \
     --header "Sec-WebSocket-Version: 13" \
     http://example.com:80/

Hi,

@silvioprog @jageee

I am also using this command:

curl -i -N -H "Connection: Upgrade" -H "Upgrade: websocket" -H "Host: echo.websocket.org" -H "Origin: https://www.websocket.org" https://echo.websocket.org

but I am getting a 200 response instead of the 101.

Any ideas?

1. You need to use HTTP/1.1
2. You have specified too few headers

$ curl --http1.1 -i -N -H 'Sec-Websocket-Version: 13' -H 'Sec-Websocket-Key: QUo86XL2bHszCCpigvKqHg==' -H "Connection: Upgrade" -H "Upgrade: websocket" -H "Host: echo.websocket.org" -H "Origin: https://www.websocket.org" https://echo.websocket.org
HTTP/1.1 101 Switching Protocols
upgrade: websocket
connection: Upgrade
sec-websocket-accept: 8dlVwoWynsF/RauFo6HjkWl7dLk=
date: Thu, 25 Apr 2024 14:28:01 GMT
server: Fly/610c12e9 (2024-04-23)
via: 1.1 fly.io
fly-request-id: 01HWATFYXA0Y3STERG1SCHNQS2-ams

 Request served by 7811941c69e658

Thanks @vi that worked perfectly!

I recommend adding --http1.1 to your curl command. The Connection and Upgrade headers are not valid in http/2 and curl will use http/2 if your server supports it.

I lost a few hours trying to figure out why these headers were disappearing when debugging my httpd web socket rewrite rules for the first time.

You saved my life haha. I wasted so much time thinking my move to E2EE was the issue but stupid ActionCable and AWS Target Group using HTTP/2 was the issue! 🤦

Time to look into AnyCable or something else. Thank you!

I got status code 400 :"

I tried to connect to websocket server with simple setup using ws library:

const { WebSocketServer } = require('ws');

const wss = new WebSocketServer({ port: 8080 });

wss.on('connection', function connection(ws) {
  ws.on('error', console.error);

  ws.on('message', function message(data) {
    console.log('received: %s', data);
  });

  ws.send('something');
});

and I can't use curl to test it:

curl --include \
     --no-buffer \
     --header "Connection: Upgrade" \
     --header "Upgrade: websocket" \
     --header "Host: localhost:8080" \
     --header "Origin: http://localhost:8080" \
     --header "Sec-WebSocket-Key: SGVsbG8sIHdvcmxkIQ==" \
     --header "Sec-WebSocket-Version: 13" \
     http://localhost:8080/
HTTP/1.1 400 Bad Request
Connection: close
Content-Type: text/html
Content-Length: 43

Missing or invalid Sec-WebSocket-Key header

browser developer tools on the network tab have copy as curl value, however it seems still no luck:

curl 'ws://localhost:8080/' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:138.0) Gecko/20100101 Firefox/138.0' -H 'Accept: */*' -H 'Accept-Language: en-US,en;q=0.7,id;q=0.3' -H 'Accept-Encoding: gzip, deflate, br, zstd' -H 'Sec-WebSocket-Version: 13' -H 'Origin: null' -H 'Sec-WebSocket-Extensions: permessage-deflate' -H 'Sec-WebSocket-Key: 3tMWYzcHwmObiLR3nWOgsg==' -H 'Connection: keep-alive, Upgrade' -H 'Sec-Fetch-Dest: empty' -H 'Sec-Fetch-Mode: websocket' -H 'Sec-Fetch-Site: cross-site' -H 'Pragma: no-cache' -H 'Cache-Control: no-cache' -H 'Upgrade: websocket'
curl: (22) Refused WebSockets upgrade: 400

okay, changing Sec-WebSocket-key with the one provided from browser works (not sure why):

curl --include \
     --no-buffer \
     --header "Connection: Upgrade" \
     --header "Upgrade: websocket" \
     --header "Host: localhost:8080" \
     --header "Origin: http://localhost:8080" \
     --header "Sec-WebSocket-Key: 3tMWYzcHwmObiLR3nWOgsg==" \
     --header "Sec-WebSocket-Version: 13" \
     http://localhost:8080/
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: YLxhg+bEzrZXCaOyyI5QkRBIdT4=

�       something

EDIT:
after reading the wikipedia, turned out it just a random 16-byte encoded with base64, on Linux, you can generate it with:

head -c 16 /dev/urandom | base64

This was very helpful. Thanks so much. In my case I just needed to confirm that the websocket server could be connected to and the connection would be upgraded, but I see how the headers and other settings can be changed as needed for any particular situation.