Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: ClementN on December 27, 2010, 12:48:04 AM
-
Hi everyone,
I'm having problems to get websockets (new technology coming with HTML5) working.
In Google Chrome I tried to use : http://websocket.org/echo.html but I'm unable to connect. But as soon as I disable the web agent from avast there is no problem anymore !
No warnings are emitted and no events are logged...
Maybe avast thinks it's not a "normal" HTTP communication (websocket is using the port 80 but not the HTTP protocol)
EDIT1 : more information, my avast is up to date (27 december 2010)
avast free edition, language FR, version 5.0.677
engine and VPS : version 101226-2
EDIT2 : I've found only 1 link about this topic, in japanese : http://bl.oov.ch/2010/12/avast-web-websocket.html
-
does it show any warning when you try to visit it?if it does not then maybe try to contact with alwil via email and explain the problem because it seems like a false programming..i think that if your installation had a ptoblem,avast would block every site..i'm not an expert though so keep an eye on here for more replies ;)
you can contact alwil by submitting a ticket here: http://support.avast.com/
-
I will submit a ticket, it seems to be a real bug !
-
Just FYI.
Using Win XP SP3, Google Chrome 8.0.552.224 and Avast 5.1.849 (Yes, the Beta) and there are no problems with my "Web Sockets".
-
I will submit a ticket, it seems to be a real bug !
have you changed any settings in avast or everything is by default?just curious so i can make a little research..
thanks in advance
-
have you changed any settings in avast or everything is by default?just curious so i can make a little research..
I haven't done a lot of modifications in the settings and the advanced settings for the web agent are the default ones (I tried to change them, one by one, to spot the problem but I didn't found anything relevant).
-
if you add the url in the exclusion list of web shield,does it make any diference?you can add a url in the exclusion list by going to avast control panel>web shield>expret settings>exclusions>URLs to exclude, and add the url with the html5 and tell me what happens..if the problem persists then i would try a repair of avast by going to start>control panel>programs>unistall a program>change/remove avast and at the setup menu scroll down and select repair..
EDIT 1:before trying the things i suggested,open the web shield and and the bottom right side there is a button saying "show report file" and copy paste what it says..
-
by Venkat on December 14, 2010
Due to security issues in WebSockets protocol Firefox and Opera turned off support for WebSockets for their next major releases Firefox 4 and Opera 11. We’ve covered how to enable WebSockets in Opera 11. Firefox 4 Beta 8 will be released with WebSockets support disabled by default,
More on link
http://techdows.com/2010/12/turn-on-websockets-in-firefox-4.html (http://techdows.com/2010/12/turn-on-websockets-in-firefox-4.html)
December 10, 2010 3:54 AM PST
Web Sockets and the risks of unfinished standards
Enthusiasm for a promising new standard called Web Sockets has quickly cooled in some quarters as a potential security problem led some browser makers to hastily postpone support.
The Web Sockets technology, which opens up a live communication link between a browser and a server, remains an important part of plans to make the Web a home for more dynamic, interactive sites. It could, for example, speed up Google Instant searching and multiplayer games. But Mozilla and Opera put their Web Socket plans on hold this week until the wrinkles are ironed out.
"We've decided to disable support for WebSockets in Firefox 4, starting with beta 8 due to a protocol-level security issue," Christopher Blizzard, a Mozilla leader of new-technology work, said in a blog post. "Once we have a version of the protocol that we feel is secure and stable, we will include it in a release of Firefox, even a minor update release...To be clear, we're still excited about what WebSockets offers and we're working hard with the IETF [Internet Engineering Task Force] on a new WebSockets protocol." (Although the World Wide Web Consortium (W3C) is standardizing Web Sockets as part of HTML5, the IETF is in charge of the actual communication protocol it uses.)
More on link
http://news.cnet.com/8301-30685_3-20025272-264.html (http://news.cnet.com/8301-30685_3-20025272-264.html)
-
I tried to exclude some URL's (the webpage URL, the WS server's URL with ws:// prefix and the same one with http prefix) and the problem persists.
The report file is empty, there are only start/stop logs.
Repair done, same problem.
@Nesivos thx for the links but I'm already aware about this situation. I enabled WS in firefox and chrome by disabling the default security setting etc, the problem is not there. Moreover when I disable avast web shield it works, so it's not a browser's configuration problem.
-
I tried to exclude some URL's (the webpage URL, the WS server's URL with ws:// prefix and the same one with http prefix) and the problem persists.
The report file is empty, there are only start/stop logs.
Repair done, same problem.
@Nesivos thx for the links but I'm already aware about this situation. I enabled WS in firefox and chrome by disabling the default security setting etc, the problem is not there. Moreover when I disable avast web shield it works, so it's not a browser's configuration problem.
Got ya :)
However, WS might be detecting some malicious code so it blocks the connection to the site.
Web Sockets problem
Now, though, plans are shifting with publication of a security problem by Adam Barth, a programmer with extensive browser security expertise. In a November 26 paper (PDF), Barth pointed out a problem with the "handshake" used to set up Web Sockets connections. By exploiting it, an attacker could get a browser to run malicious code through a mechanism called cache poisoning, Barth and the paper's co-authors said
.
http://news.cnet.com/8301-30685_3-20025272-264.html#ixzz19KuPGDoF (http://news.cnet.com/8301-30685_3-20025272-264.html#ixzz19KuPGDoF)
see report here
http://www.adambarth.com/experimental/websocket.pdf (http://www.adambarth.com/experimental/websocket.pdf)
-
I'm already over-documented about this.
The point is that it works perfectly without the web shield. There's not malicious code, it is just an echo response...
The problem is the same with other examples of WS.
-
I'm already over-documented about this.
The point is that it works perfectly without the web shield. There's not malicious code, it is just an echo response...
The problem is the same with other examples of WS.
The point is that Websockets at this point are a security risk.
Disable WS at your own risk.
Good luck :)
-
(WS = WebSockets/WebShield ? Confusing lol)
I'm programming something based on websockets so... I have no other choice ;)
-
hello i have seriouslu problems with my avast . its bloking my internet explorer ad i cant see the avast firewall , im very tired of find this but i cant find that. please helpme.
-
Ok, now you have the right section, but you still need to start your own topic. ;)
-
I tried to exclude some URL's (the webpage URL, the WS server's URL with ws:// prefix and the same one with http prefix) and the problem persists.
The report file is empty, there are only start/stop logs.
Repair done, same problem.
@Nesivos thx for the links but I'm already aware about this situation. I enabled WS in firefox and chrome by disabling the default security setting etc, the problem is not there. Moreover when I disable avast web shield it works, so it's not a browser's configuration problem.
disabling avast web shield is really dangerous because its your first line of defense..as for the urls exlusion you have to add the urls like this..if that doesnt work either let me know..
I'm already over-documented about this.
The point is that it works perfectly without the web shield. There's not malicious code, it is just an echo response...
The problem is the same with other examples of WS.
The point is that Websockets at this point are a security risk.
Disable WS at your own risk.
Good luck :)
i agree with nesivos on this one..WS are considered a security risk and thats the reason web shield is blocking them..thats why i suggest the exclusion list which should work if you added the urls like the image above ;)
-
I disabled 3 URL's as previously explained. But the websockets don't work either.
I know that this technology can be a security breach, but in this case I would like avast to show me a message, a notification explaining me that it has blocked something. I don't get any message in the logs.
-
Hi everyone,
I'm having problems to get websockets (new technology coming with HTML5) working.
In Google Chrome I tried to use : http://websocket.org/echo.html but I'm unable to connect. But as soon as I disable the web agent from avast there is no problem anymore !
No warnings are emitted and no events are logged...
Maybe avast thinks it's not a "normal" HTTP communication (websocket is using the port 80 but not the HTTP protocol)
EDIT1 : more information, my avast is up to date (27 december 2010)
avast free edition, language FR, version 5.0.677
engine and VPS : version 101226-2
EDIT2 : I've found only 1 link about this topic, in japanese : http://bl.oov.ch/2010/12/avast-web-websocket.html
Hi,
I am Jan Carlin. I work for Kaazing as the support director. I've been following this discussion and have a question: does our demo page kaazing.me (http://kaazing.me) work when using avast in the way described here? If it works, you should see the New York Times news feed and the Twitter feed and other demos running. I suspect that it will work. Could you please test ClementN?
Jan Carlin, Kaazing Support
-
Hi,
I know this page ;)
Webshield enabled : doesn't work.
Webshield disabled : works well.
-
kaazing.me works fine with me with webshield on :S
-
More info : I don't have a firewall (except windows xp's one).
-
Hi,
I know this page ;)
Webshield enabled : doesn't work.
Webshield disabled : works well.
Clement,
Could I ask two questions:
--What browser are you using when you access kaazing.me?
--Would it be possible to ask for a Wireshark trace of this test? This would make it possible for us to determine what is going on. Let me know if you need help with the Wiresharking.
--Jan Carlin
-
I'm using FF 4.0 bêta 8.
Important news : when acquiring wireshark trace I left kaazing hanging, trying to establish a socket... And it worked with avast web shield enabled !
Web shield seems to delay (not block) (about 20sec) the connection...
Sorry but after a few sec I thought it wouldn't work, even after more time... This behaviour is less buggy but not perfect yet.
EDIT : do you still want the trace ? (I know how to use wireshark)
-
I'm using FF 4.0 bêta 8.
Important news : when acquiring wireshark trace I left kaazing hanging, trying to establish a socket... And it worked with avast web shield enabled !
Web shield seems to delay (not block) (about 20sec) the connection...
Sorry but after a few sec I thought it wouldn't work, even after more time... This behaviour is less buggy but not perfect yet.
EDIT : do you still want the trace ? (I know how to use wireshark)
Clement
Could you please send me the Wireshark trace. I should be able to, at a minimum, tell you more about what is going on.
--Jan Carlin
-
http://fex.insa-lyon.fr/get?k=rqdDyjZPEabOFdQM8HV
First try : without web shield : works well.
Second try (there is a few blank seconds between the two) : with web shield. It worked with a 20 seconds delay (between the page loading and the first dynamic data coming).
-
This may be a shot in the dark, but could you try adding port 443 into the avast redirect settings to see if this may help? Open the avast gui, click settings, and go down to troubleshooting. I know you have tried the advanced settings in avast but I'm not sure which ones. Maybe try 8080. Another shot in the dark!
-
http://fex.insa-lyon.fr/get?k=rqdDyjZPEabOFdQM8HV
First try : without web shield : works well.
Second try (there is a few blank seconds between the two) : with web shield. It worked with a 20 seconds delay (between the page loading and the first dynamic data coming).
Clement
Looking at the pcap you supplied I see a 20 second delay (exactly in fact) between a failed native (FF 4 supports native WS if you turn it on) connect attempt (#1802) and our fallback emulation implementation (#1902). See #722 for a successful connection.
The reason that 1802 fails is that the 8 bytes the client ends the request with are not there. Sending the 8 bytes is done to be compliant to the spec, see http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-76#section-4.1 point 26. Without these 8 bytes the Kaazing Server will not respond, which again is according to spec. Since this does not happen when web-shield is turned off, the cause of this appears to be that the web-shield blocks them.
The emulation succeeds, after the delay, because it uses a different protocol, which avast doesn't appear to interfere with. The delay seems to be introduced by the browser.
I will bring this issue up with avast
--Jan Carlin
Kaazing Global Support
-
@Charyb I added 443 and 8080 to the "http ports" in troubleshooting. Same problem :(
@Jan Carlin thx for the explanations. Let me know if you have more informations
-
Sorry about that. It was I shot in the dark. I was wondering if websockets used a different port other than 80 and found 443.
There is an Avast pre-release update 5.1.874 if you would like to try it out. http://forum.avast.com/index.php?topic=68927.0
I have no clue if anything included in the update would help this or not.
jan.carlin has a good idea of what is going on though.
-
I have installed the new beta avast as you proposed. Same problem...
-
I can confirm this is indeed happening. I spent many useless hours reviewing code that was perfect, but it all suddenly stopped working, no matter which Web-browser I used.
At first I unwillingly suspected that I somehow broke the code. But it turned out that it was all failing thanks to Avast's recent update. The Web-shield was identifying Websockets as a security risk.
Seeing as web-socket is a new technology and many developers are now starting to learn about HTML5, I think this move will frustrate a LOT of people that will probably never figure this out and will likely blame it on browsers or their own code.
While I'm relieved to finally know what the heck was happening, I found it very troublesome that Avast didn't make it obvious that it was doing all of this behind the scenes.
If I -don't- want websocket, I'll use the latest public version Firefox or IE.
I honestly didn't like this move. I'll certainly be a lot more suspicious of Avast from now on.
-
While I'm relieved to finally know what the heck was happening, I found it very troublesome that Avast didn't make it obvious that it was doing all of this behind the scenes.
Like the OP posted, exclusion isn't working for us. We're forced to turn off web-shield, which even I as the original developer, do it reluctantly. I can't begin to imagine how I would go about convincing any potential users of my new websocket service to try it out, when the first thing they hear is that avast users should turn off WS if they want to try the system out.
And the log appears to says nothing...If I had something I trusted as much as I do avast, I would be switching AV right now. This sucks.
-
Hello,
I am working on a project using websockets and I noticed the exact same problem, when the Avast web agent is turned on, websockets do not work. Avast obviously blocks something which seems buggy because the Avast GUI does not show anything.
I tried http://kaazing.me/ on Chrome v 10.0.648.204, it does notwork at all when Avast is running. If I turn Avast off, it works.
Using Firefox 4 with websockets disabled the newsfeed works I guess it uses your fallback communication channel when websockets connection fails.
My project that uses websockets has the exact same behavior : works with the Web agent off, does not work with the Web agent on.
-
I am working on a project using websockets
With no support in IE9 and support disabled in FF4 and Opera by default, almost noone will be able to use your project. Basically you are wasting your time.
-
With no support in IE9 and support disabled in FF4 and Opera by default, almost noone will be able to use your project. Basically you are wasting your time.
Thank you for your advice but my website is a full Flex website and I use a flash implementation of websockets, so it works wonderfully on any browser when Avast is turned off.
The problem remains with Avast, and strangely enough, Avasts seems to block websockets only when using Chrome. Worse than that, I don't even get an IO error when trying to connect, but websocket messages just never reach the server when Avast is on, and about 5 minutes later, I finally get an IO error probably due to a timeout or something like that.
Anyway it would be nice if Avast was fixed before websockets become too popular.
-
This is an issue with Avast that has been discovered AND reported multiple times during the past 3 or 4 years. It has been like that on avast 4, and it's still like that till today. I've been faced with this issue when I was building multi-player games in flash with a socket server.
Check this forum post I did over a year ago: http://forum.avast.com/index.php?topic=68270.0
Now that your reports say It blocks web sockets, it's more than apparent that avast blocks stuff on port 80 that don't seem like pure standard http web requests... (yes I tried too kaazing.me and it won't work with the web shield on.. but the split second i disable the shield, it comes to life).
Avast devs.. this is a showstopper bug that's been there for ages.. do something!
-
Thanks for you sharing. (http://www.bikehelmetsreviews.com/)