15

I have configured Firefox to use a proxy of mine for http and https. Yes, I write the code for the proxy myself so I'm in complete control there.

As you may know it's no longer possible to disable WebSocket in Firefox through about:config. I'm looking for a lightweight way of disabling it. If it's not possible at all in Firefox I've got to do something in my proxy.

Here's my question: When Firefox is configured to use an http proxy, does it ALWAYS send an http CONNECT request to the proxy to establish the WebSocket connection? What happens if my proxy returns HTTP/1.1 405 Method Not Allowed? Is that enough to convince Firefox to abandon WebSocket? Is there any chance that Firefox might bypass my proxy in WebSocket matters after such a response? After all, I haven't configured it to use my proxy for the ws or wss protocols. And ws/wss is NOT disabled in Firefox.

Does Firefox ever send the ws handshake to the proxy, i.e. no CONNECT?

This is about security. I need to make sure that no WebSocket communication slips through. At the same time I want to avoid overkill: No disabling of javascript, no disallowing certain web sites.

Improve this question

1 Answer 1

Reset to default
22

This might not answer your direct question, but I think it satisfies your goal.

You can still disable WebSockets by entering the URL about:config and then searching for

network.websocket.max-connections

which you can set the value to 0 to prevent new WebSockets from being created.

Improve this answer
4
  • 3
    Just tried this in FireFox 64 on Windows and it does not seem to work, with max-connections set to zero I am still able to connect via a WebSocket
    – David Bradshaw
    Commented Jan 14, 2019 at 18:03
  • 1
    This now works as per: bugzilla.mozilla.org/show_bug.cgi?id=1091016#c24
    – brandeded
    Commented May 21, 2020 at 2:20
  • @mbrownnyc This is currently not working. Tested with Firefox 89.0 (64-bit) Ubuntu package on Facebook Messenger, I can see the WebSocket messages in Firefox Developer Tools.
    – baptx
    Commented Jun 17, 2021 at 9:35
  • @baptx Perhaps it is a difference between operating systems- using websocket.org/echo.html on FF 90 on Windows, the websocket does not connect. Likewise on Mac (FF 89). I don't have a Linux device handy to test with.
    – Knox
    Commented Jun 17, 2021 at 22:55

Not the answer you're looking for? Browse other questions tagged or ask your own question.