WebSocket fails with 401 notAnUpgrade using valid Bearer token (works in Postman) And masked and rsv data is not currently supported #1061
Description
Description:
Hi team!
I'm trying to establish a WebSocket connection using Starscream v4.0.8 to a secure endpoint behind my organization’s gateway (using Zero Trust). The connection fails with a 401 Unauthorized, even though the exact same token works in Postman.
Here’s the error sequence:
WebSocket error: Optional(Starscream.HTTPUpgradeError.notAnUpgrade(401, [...]))
WebSocket error: Optional(Starscream.WSError(type: .protocolError, message: "masked and rsv data is not currently supported", code: 1002))
let url = URL(string: "wss://mobile.go.myOrg-access.com")!
var request = URLRequest(url: url)
request.timeoutInterval = 5
let token = "Bearer (domainAccessToken)"
request.setValue(token, forHTTPHeaderField: "Authorization")
// (Other headers also added here, matching what works in Postman)
socket = WebSocket(request: request, certPinner: FoundationSecurity(allowSelfSigned: true))
socket?.delegate = self
socket?.connect()
The same token and headers work in Postman, and I get a 101 Switching Protocols response.
The token is not expired, correctly formatted as Bearer ..., and accepted by other HTTP endpoints.
Is there a known issue in Starscream v4.0.8 that might interfere with Authorization headers being passed properly?
Any debugging flags or ways to inspect the raw WebSocket upgrade request Starscream sends?