fix: add missing user-agent header to WebSocket handshake requests#133
Merged
lukeocodes merged 1 commit intodeepgram:mainfrom Feb 26, 2026
Merged
Conversation
- Add user-agent header to WebSocket upgrade requests in websocket.rs and flux.rs - Ensures consistent user-agent across all HTTP/WebSocket requests - Fixes AWS WAF "NoUserAgent_Header" rule violations
There was a problem hiding this comment.
Pull request overview
This PR ensures WebSocket handshake (upgrade) requests include a User-Agent header, aligning them with the existing reqwest HTTP client behavior and preventing AWS WAF NoUserAgent_Header rule violations.
Changes:
- Promotes the existing
USER_AGENTstring to a crate-levelpub(crate)static insrc/lib.rs. - Adds
user-agent: crate::USER_AGENTto the WebSocket upgrade request builders in bothwebsocket.rsandflux.rs. - Keeps the existing
reqwest::ClientBuilder::user_agent(USER_AGENT)behavior unchanged while reusing the same value for WebSockets.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
src/lib.rs |
Moves USER_AGENT to crate scope so it can be reused across HTTP and WebSocket codepaths. |
src/listen/websocket.rs |
Adds user-agent header to the live transcription WebSocket handshake request. |
src/listen/flux.rs |
Adds user-agent header to the Flux WebSocket handshake request. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
lukeocodes
approved these changes
Feb 26, 2026
lukeocodes
added a commit
that referenced
this pull request
Feb 26, 2026
## Summary - **fix**: `Container::None` serialization typo (`"nonne"` → `"none"`) causing 400 errors on TTS raw audio requests (#122) - **fix**: missing `User-Agent` header on WebSocket handshake requests, breaking AWS WAF compatibility (#133) - **fix**: broken Discord badge in README (#135) - **fix**: Flux WebSocket now handles unknown message types gracefully instead of producing stream-breaking `JsonError`s (#141) - `FluxResponse::Unknown(serde_json::Value)` preserves the raw JSON for inspection/logging - `TurnEvent::Unknown` catches unrecognized event strings via `#[serde(other)]` - Non-breaking: both enums are `#[non_exhaustive]` ## Changes - Bump version to 0.9.1 - Update CHANGELOG with 0.9.1 entries - Lock 0.9.0 changelog link to `0.9.0` tag ## Test plan - [x] Verified `Container::None` serialization bug with unit test and e2e against Deepgram API - [x] Confirmed fix produces `container=none` and API returns audio successfully - [x] Mock WebSocket tests verify unknown messages don't break the Flux stream - [x] E2e test streams real audio to Deepgram Flux API successfully - [x] CI passes on this branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
fix: add missing user-agent header to WebSocket handshake requests
Proposed changes
This PR is first - amazing, because it is so minimal. But second, awesome, because it helps keep the code DRY and consistent. There exists standard cloud environments that block all traffic to APIs if you don't have a user agent. Right now the Deepgram SDK for Rust doesn't always set a USER AGENT on its requests. This ensures that we always have a USER AGENT set in the HTTP headers so that the traffic won't get blocked by it. It's also just good practice and good hygiene to set this regardless. I classified this as a bug because for a standard out of the box AWS WAF in front of an AWS LB in front of an auto-scaling group of EC2 instances running the default Deepgram Docker images will break and not work without having a USER AGENT on each request made to it. Specifically AWS WAF has a "NoUserAgent_Header" rule that will block traffic from this SDK.
Not a breaking change, not a new feature, and very minimal change.
Types of changes
Checklist
No new tests were added since this is a simple refactoring that moves an existing
constant to make it accessible to WebSocket modules. The existing tests continue
to validate the overall functionality.
Further comments
Alternatives include just disabling the NoUserAgent_Header, but we've seen several bots hit various endpoints and blocking any requests that do not have a header has been a good practice and is part of AWS's best practices.
One last note! The
CONTRIBUTING.MDfile mentions to open a PR against thedevbranch. But there isn't one, so I am opening against main. If this is a mistake, please let me know and I will change it.