Thank you! I missed that.
Disabling web status breaks HTTP healthchecks though, since crossbar also responds with 426.
So what is did in the end is:
a). Disabled web status (generating templated html every 10 seconds just for healthchecks seems like a waste)
b). Requiring websocket upgrade in the reverse-proxy as per my above example to block any “outgoing” html
c). Switched to web transport with a separate path for healthchecks. Along the way I hit the issue that crossbar leaks sever version in web transport. Not a biggie, since it’s just for internal K8s healthcheck
# Main transport - requires authentication
- type: web
(I then mount an OK index.html file from K8s configmap under /var/lib/crossbar/health)
On Tuesday, 16 October 2018 20:32:08 UTC+11, Alexander Gödde wrote:
This can be configured via the WebSocket transport options - see https://crossbar.io/docs/WebSocket-Options/ - “enable_webstatus”
Am Dienstag, 16. Oktober 2018 03:34:35 UTC+2 schrieb Zaar Hai:
I’ve configured crossbar with the following transport:
Now whenever I visit localhost:8080 with a browser, I see the following status page:
The problem is that it exposes too much details (the fact that it’s WAMP/crossbar, its version, etc.) and I don’t to expose it over the internet like this. Is there a proper way to disable it? (I can mount empty dir in docker onto /usr/local/site-packages/crossbar/webservice/templates, but it’s hacky, fragile and produces confusing empty responses)