WebSocket Proxy Setup#
When using CloudXR.js with HTTPS hosting (for development or production), you need a WebSocket proxy with TLS support to establish secure connections from the browser to the CloudXR Runtime.
Note
Detailed proxy setup instructions, including Docker configurations and Kubernetes deployment examples, are provided in the Early Access Program artifacts on NGC. Refer to the CloudXR.js User Guide to join the program.
Overview#
A WebSocket proxy is required when:
Hosting your web application using HTTPS
Deploying to production environments with SSL certificates
Accessing CloudXR from remote networks or the internet
Using Pico 4 Ultra devices (which require HTTPS)
The proxy acts as a secure gateway, providing TLS termination for WebSocket connections.
Connection Architecture#
Without proxy (HTTP mode):
Browser →ws://<server>:49100→CloudXR Runtime
With proxy (HTTPS mode):
Browser →wss://<proxy>:48322 →CloudXR Runtime (ws://localhost:49100)
Important
When hosting your web application using HTTPS, you must configure a WebSocket proxy and connect using wss://. Browsers block non-secure WebSocket (ws://) connections from secure (HTTPS) pages due to mixed content security policies.
Available Proxy Examples#
The Early Access Program includes example configurations for common deployment scenarios:
Deployment Scenario |
Example Solution |
Setup Complexity |
|---|---|---|
Local development with HTTP |
No proxy needed (direct |
None |
Development/testing with HTTPS |
Docker + HAProxy example |
Low |
Single-server production |
Docker + HAProxy example |
Low |
Kubernetes production |
nginx Ingress example |
Medium |
Firewall Configuration#
Refer to Ports and Firewalls for required ports and firewall configuration instructions.