Automattic · Copilot · Apr 1, 2026 · Apr 1, 2026 · Copilot · Apr 3, 2026
diff --git a/go.mod b/go.mod
@@ -5,12 +5,12 @@ go 1.23.0
 require (
 	github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b
 	github.com/creack/pty v1.1.18
+	github.com/gorilla/websocket v1.5.3
 	github.com/hashicorp/go-retryablehttp v0.7.1
 	github.com/howeyc/fsnotify v0.9.0
 	github.com/lthibault/jitterbug/v2 v2.2.2
 	github.com/prometheus/client_golang v1.11.0
 	github.com/yookoala/gofast v0.6.0
-	golang.org/x/net v0.38.0
 	golang.org/x/sys v0.31.0
 	golang.org/x/term v0.30.0
 	gopkg.in/tomb.v2 v2.0.0-20161208151619-d5d1b5820637
@@ -25,6 +25,7 @@ require (
 	github.com/prometheus/client_model v0.2.0 // indirect
 	github.com/prometheus/common v0.26.0 // indirect
 	github.com/prometheus/procfs v0.6.0 // indirect
+	golang.org/x/net v0.38.0 // indirect
 	golang.org/x/tools v0.0.0-20200908211811-12e1bf57a112 // indirect
 	google.golang.org/protobuf v1.26.0-rc.1 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -45,6 +45,8 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/gopherjs/gopherjs v0.0.0-20200217142428-fce0ec30dd00/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
+github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
+github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/hashicorp/go-cleanhttp v0.5.1 h1:dH3aiDG9Jvb5r5+bYHsikaOUIpcM0xvgMXVoDkXMzJM=
 github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
 github.com/hashicorp/go-hclog v0.9.2 h1:CG6TE5H9/JXsFWJCfoIVpKFIkFe6ysEuHirp4DxCsHI=

diff --git a/remote/remote.go b/remote/remote.go
@@ -27,10 +27,10 @@ import (
 	"time"
 	"unicode"
 
+	gorilla "github.com/gorilla/websocket"
 	"github.com/creack/pty"
 	"github.com/hashicorp/go-retryablehttp"
 	"github.com/howeyc/fsnotify"
-	"golang.org/x/net/websocket"
 	"golang.org/x/sys/unix"
 	"golang.org/x/term"
 )
@@ -39,6 +39,59 @@ const (
 	shutdownErrorCode = 4001 // WebSocket close code when a shutdown signal is detected
 )
 
+// wsNetConn wraps a *gorilla.Conn and implements the net.Conn interface so that
+// the WebSocket connection can be used wherever a plain net.Conn is expected.
+// gorilla/websocket is message-oriented, so Read buffers an entire message and
+// returns chunks of it on successive calls.
+type wsNetConn struct {
+	conn    *gorilla.Conn
+	mu      sync.Mutex // serialises concurrent writes (gorilla requires one writer at a time)
+	readBuf []byte
+}
+
+func newWSNetConn(conn *gorilla.Conn) *wsNetConn {
+	return &wsNetConn{conn: conn}
+}
+
+func (c *wsNetConn) Read(b []byte) (int, error) {
+	for len(c.readBuf) == 0 {
+		_, msg, err := c.conn.ReadMessage()
+		if err != nil {
+			return 0, err
+		}
+		c.readBuf = msg
+	}
+	n := copy(b, c.readBuf)
+	c.readBuf = c.readBuf[n:]
+	return n, nil
+}
+
+func (c *wsNetConn) Write(b []byte) (int, error) {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	if err := c.conn.WriteMessage(gorilla.BinaryMessage, b); err != nil {
+		return 0, err
+	}
+	return len(b), nil
+}
+
+func (c *wsNetConn) writeClose(code int) error {
+	c.mu.Lock()
+	defer c.mu.Unlock()
+	return c.conn.WriteControl(
+		gorilla.CloseMessage,
+		gorilla.FormatCloseMessage(code, ""),
+		time.Now().Add(time.Second),
+	)
+}
+
+func (c *wsNetConn) Close() error               { return c.conn.Close() }
+func (c *wsNetConn) LocalAddr() net.Addr         { return c.conn.LocalAddr() }
+func (c *wsNetConn) RemoteAddr() net.Addr        { return c.conn.RemoteAddr() }
+func (c *wsNetConn) SetDeadline(t time.Time) error      { return c.conn.UnderlyingConn().SetDeadline(t) }
+func (c *wsNetConn) SetReadDeadline(t time.Time) error  { return c.conn.SetReadDeadline(t) }
+func (c *wsNetConn) SetWriteDeadline(t time.Time) error { return c.conn.SetWriteDeadline(t) }
+
 var nonUTF8Replacement = []byte(string(unicode.ReplacementChar))
 
 // Holds info related to a specific remote CLI that is running.
@@ -115,6 +168,10 @@ func ListenForConnections() {
 	listenAddr := "0.0.0.0:22122"
 
 	if remoteConfig.useWebsockets {
+		upgrader := &gorilla.Upgrader{
+			// Allow all origins since this is an internal service, not a browser-facing endpoint.
+			CheckOrigin: func(r *http.Request) bool { return true },
+		}
 		s := &http.Server{
 			Addr: listenAddr,
 			ConnContext: func(ctx context.Context, c net.Conn) context.Context {
@@ -125,9 +182,15 @@ func ListenForConnections() {
 				}
 				return ctx
 			},
-			Handler: websocket.Handler(func(wsConn *websocket.Conn) {
-				log.Printf("websocket connection from %s\n", wsConn.RemoteAddr().String())
-				authConn(wsConn)
+			Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				wsConn, err := upgrader.Upgrade(w, r, nil)
+				if err != nil {
+					log.Printf("websocket upgrade error: %v\n", err)
+					return
+				}
+				netConn := newWSNetConn(wsConn)
+				log.Printf("websocket connection from %s\n", netConn.RemoteAddr().String())
+				authConn(netConn)
 			}),
 		}
 		log.Printf("Listening for websocket protocol on %q...", listenAddr)
@@ -408,9 +471,9 @@ func processShutdown(conn net.Conn, wpcli *wpCLIProcess) {
 
 	wpcli.padlock.Lock()
 
-	wsConn, ok := conn.(*websocket.Conn)
+	wsConn, ok := conn.(*wsNetConn)
 	if ok {
-		wsConn.WriteClose(shutdownErrorCode)
+		wsConn.writeClose(shutdownErrorCode)
-		wsConn.writeClose(shutdownErrorCode)
+		if err := wsConn.writeClose(shutdownErrorCode); err != nil {
+			log.Printf("remote: failed to send websocket close frame during shutdown. GUID: %s, err: %v\n", wpcli.GUID, err)
+		}
-		wsConn.writeClose(shutdownErrorCode)
+		if err := wsConn.writeClose(shutdownErrorCode); err != nil {
+			log.Printf("remote: failed to send websocket close frame during shutdown. GUID: %s, err: %v\n", wpcli.GUID, err)
+		}
 	}
 
 	conn.Close()