fix(worker): terminal WebSocket return raw DO response and allowlist headers

- Return container.fetch() Response as-is (match Cloudflare containers WS example).
- Forward only handshake + X-* headers; drop full browser/CF header copy.
- Rely on CloudShellTerminal defaultPort 8080 instead of switchPort.

Made-with: Cursor

Author: acoyfellow

worker/effect/services.ts

@@ -184,10 +184,20 @@ function toContainerFailure(message: string, retryable: boolean) {
 }
 
 /**
- * DO → container: same shape as agentcast-exploration CDP proxy — browser URL with path rewritten to
- * `/ws/terminal`, full handshake headers forwarded, ticket stripped from query. Session/tab identity
- * from validated `X-*` overrides (main.go).
+ * DO → container: worker URL path → `/ws/terminal`, ticket stripped (JWT length / auth). Identity from
+ * validated `X-*` (main.go). Handshake headers are allowlisted only — forwarding full browser / CF
+ * headers has caused failed upgrades (1006); Cloudflare’s container WS example forwards the client
+ * request as-is, but we must strip hop-by-hop and edge noise for the inner hop.
  */
+const WS_FORWARD_HEADER_NAMES = [
+  'upgrade',
+  'connection',
+  'sec-websocket-key',
+  'sec-websocket-version',
+  'sec-websocket-protocol',
+  'sec-websocket-extensions',
+] as const;
+
 export function buildContainerWebSocketRequest(
   clientRequest: Request,
   username: string,
@@ -200,21 +210,22 @@ export function buildContainerWebSocketRequest(
   containerUrl.searchParams.delete('sessionId');
   containerUrl.searchParams.delete('tabId');
 
-  const h = new Headers(clientRequest.headers);
+  const h = new Headers();
+  for (const name of WS_FORWARD_HEADER_NAMES) {
+    const v = clientRequest.headers.get(name);
+    if (v) {
+      h.set(name, v);
+    }
+  }
   h.set('X-User', username);
   h.set('X-Session-Id', sessionId);
   h.set('X-Tab-Id', tabId);
 
-  return new Request(containerUrl.toString(), { method: 'GET', headers: h });
-}
-
-/** Match exploration: return a fresh 101 Response with the DO `webSocket` so the client upgrade completes reliably. */
-export function upgradeWebSocketResponse(res: Response): Response {
-  const ws = (res as { webSocket?: WebSocket }).webSocket;
-  if (ws != null) {
-    return new Response(null, { status: 101, webSocket: ws });
-  }
-  return res;
+  return new Request(containerUrl.toString(), {
+    method: 'GET',
+    headers: h,
+    signal: clientRequest.signal,
+  });
 }
 
 function runtimeAnnotations(context: RuntimeLogContext, containerId: string) {
@@ -915,10 +926,9 @@ const ContainerRuntimeLive = Layer.effect(
                 input.sessionId,
                 input.tabId
               );
-              const switched = switchPort(containerReq, 8080);
               let res: Response;
               try {
-                res = await ready.container.fetch(switched);
+                res = await ready.container.fetch(containerReq);
               } catch (err) {
                 console.error('[ws/terminal] DO stub.fetch threw', {
                   containerId: ready.containerId,
@@ -938,7 +948,7 @@ const ContainerRuntimeLive = Layer.effect(
                 const peek = await res.clone().text().catch(() => '');
                 console.log('[ws/terminal] non-upgrade response body', peek.slice(0, 400));
               }
-              return upgradeWebSocketResponse(res);
+              return res;
             },
             catch: toContainerFailure('Container error, please retry in a moment.', true),
           })

worker/index.ts

@@ -1,6 +1,6 @@
 import { Hono } from 'hono';
 import type { Context, ExecutionContext } from 'hono';
-import { Container, getContainer, switchPort } from '@cloudflare/containers';
+import { Container, getContainer } from '@cloudflare/containers';
 import {
   backupWorkspace,
   checkpointSession,
@@ -22,7 +22,7 @@ import {
   updateSession,
   prepareTerminalForWebSocketContext,
 } from './effect/programs';
-import { buildContainerWebSocketRequest, upgradeWebSocketResponse } from './effect/services';
+import { buildContainerWebSocketRequest } from './effect/services';
 import {
   runJsonRoute,
   runRequestEffect,
@@ -512,7 +512,7 @@ const app = createApp();
 
 /**
  * Guarded smoke route matching cloudflare/containers-demos/terminal worker:
- * `return await getContainer(binding).fetch(switchPort(request, 8080))` on the browser request (minus `secret` query).
+ * `return await getContainer(binding).fetch(request)` on the browser request (minus `secret` query); DO `defaultPort` is 8080.
  * Enable with TERMINAL_PARITY_SECRET in deploy env + second container in alchemy.run.ts.
  */
 async function handleTerminalParitySmoke(request: Request, env: Env): Promise<Response> {
@@ -529,8 +529,7 @@ async function handleTerminalParitySmoke(request: Request, env: Env): Promise<Re
   const forward = new Request(url.toString(), request);
   console.log('[terminal-parity] demo-shaped stub.fetch', { pathname: url.pathname });
   try {
-    const res = await getContainer(ns).fetch(switchPort(forward, 8080));
-    return upgradeWebSocketResponse(res);
+    return await getContainer(ns).fetch(forward);
   } catch (err) {
     console.error('[terminal-parity] stub.fetch threw', err);
     return toErrorResponse(
@@ -566,7 +565,7 @@ async function handleTerminalWebSocket(request: Request, env: Env): Promise<Resp
     const inner = buildContainerWebSocketRequest(request, prep.username, prep.sessionId, prep.tabId);
     let res: Response;
     try {
-      res = await prep.ready.container.fetch(switchPort(inner, 8080));
+      res = await prep.ready.container.fetch(inner);
     } catch (err) {
       console.error('[ws/terminal] DO stub.fetch threw', { ms: Date.now() - t0, err });
       return toErrorResponse(
@@ -588,7 +587,7 @@ async function handleTerminalWebSocket(request: Request, env: Env): Promise<Resp
       const peek = await res.clone().text().catch(() => '');
       console.log('[ws/terminal] non-upgrade response body', peek.slice(0, 400));
     }
-    return upgradeWebSocketResponse(res);
+    return res;
   } catch (error) {
     return toErrorResponse(error);
   }