WebSocket Connection Fails after Nov 24 and latest patch installed
We had a customer who websocket connection worked until the Nov 24 version was installed. Im aware it closed some security holes. Now the customer is getting 1006 errors. I see were a cookie is generated and a session GUID is created and handed to the customer, but it still fails.
It says it lost connection to the app.
Did anyone else experience this and what was your work around without dropping security?
After the Nov 24 update that tightened security, some users saw WebSocket 1006 errors because the handshake or session validation failed. Common causes include stricter origin checks, cookie/session handling changes, TLS enforcement, or shorter idle timeouts. The workaround is to ensure cookies and headers EZPassWV are sent correctly, update server configs to allow the right origins, keep TLS settings current, and add ping/pong heartbeats—so connections stay secure without dropping.
