Websocket out node to provide support for HTTP headers during connection setup

This has been asked before (for example here and here), but the related posts are rather outdated or contain a non-satisfying work-around.

Node-Red has the ability to create a websocket connection to any target, using the (part of core nowadays) websocket out node, which works great is essence.

For my usecase I'm connecting to a websocket server that requires me to provide a cookie (or rather HTTP headers) during the initial HTTP connection setup to provide credentials for authentication.

The current websocket out node doesn't seem to support that use case, proven also by its documentation which lacks any mention of a method of providing any http headers:

By default, msg.payload will be sent over the WebSocket. The socket can be configured to encode the entire msg object as a JSON string and send that over the WebSocket.

If the message arriving at this node started at a WebSocket In node, the message will be sent back to the client that triggered the flow. Otherwise, the message will be broadcast to all connected clients.

If you want to broadcast a message that started at a WebSocket In node, you should delete the msg._session property within the flow.

Proposal
I'd like to propose an option for allowing a headers dictionary to the payload sent to a websocket out node, just like is already possible with the http request node, documented like this:

headers
Sets the HTTP headers of the request.

When set, the request that sets up the websocket connection would have the headers inside the headers object (dictionary) appended to the HTTP header, overwriting any existing headers when they already exist (or according to whatever logic is used already with the http request node).

This feature would allow me to connect to all kinds of "auth protected" websocket servers and allow for a more real-time integration. For example: (auth protected) websocket client connections to the Unifi Controller or the Philips Hue.

2 Likes

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.