I should start by saying that I don’t claim any particular knowledge of the intricacy of web services or asterisk – hence the post. Additionally I completely understand that Web RTC is a technology in rapid evolution, with both servers and browsers constantly changing their implementations. For all of those reasons I have realistic expectations of getting this to work with Free PBX in the wild. That having been said I would be delighted if I were able to make this work and in deference to those who work so hard on FreePBX I thought I would give it a go. I would be grateful for comments and guidance on the following points. Im pretty sure Im way off the mark on most of them and would be happy to be set straight.
Note that quotes added to urls to prevent them appearing in post as links.
Current configuration – Latest version of FreePBX distro, 64 bit running paravirtualised on a XenServer. All SIP / IAX and other functionality working very well – including trunk and endpoint access outside the firewall.
External connectivity is via a Sonicwall UTM device with persistent NAT but with all other packet manipulation turned off.
Goal – to successfully implement user Web RTC clients for users in the FreePBX UCP accessed on the public (WAN) side of the firewall.
Current Status – All other functionality of the UCP is working on the Internet side accessed via sip.mydomain.com:81 but the Web RTC phone does not connnect. Looking at the Javascript console this appears to be a Cross-Origin Request Blocking issue – the error occurs when trying to access the URL for the web services – in my case sip.mydomain.com:8080/ws
Some observations and questions
Out of the box the latest build (+ updates) of Free PBX appears to have the web services server (http) listening on port 8088. The requests made by the UCP Web RTC client appear to be to port 8001. I have therefore changed the listening port of the micro web server to 8001. Has this been noticed by anyone else?
Secondly I understand that to satisfy the Same Origin Policy rules the request has to come from exactly the same domain as the resource being accessed – including the protocol, host and port.
It appears that this is not being satisfied by my interned based web browser clients. Both Firefox and Chrome report being unable to access the resource. This seems reasonable because the source of the request is ‘http://sip.mydomain.com:81’ and the resource is on the asterisk server at ‘http://sip.mydomain.com:8001’ - ie the port number is different.
This seems by design – the UCP is on port 81. So my question is – do I need to apply CORS (Cross Origin Resource Sharing) headers to the httpd server that provides the web services on Asterisk / FreePBX? I have tried adding Access-Control-Allow-Origin: ‘http://sip.mydomain.com:81’ but this does not seem to make any difference.
I would like to make progress with this but I am mindful that there might be a great deal of work going on in the background and a lot of these issues might be known about.
If anyone has any information or advice that would influence my decision to persevere with this I would be very grateful. If I haven’t made any elementary mistakes I might need to wait until further releases of browser and Web RTC clients emerge.
Thanks in advance for feedback and to those working on the code for a very exciting project.