diff --git a/minimal-examples/ws-server/minimal-ws-raw-proxy/CMakeLists.txt b/minimal-examples/ws-server/minimal-ws-raw-proxy/CMakeLists.txt
new file mode 100644
index 000000000..373021246
--- /dev/null
+++ b/minimal-examples/ws-server/minimal-ws-raw-proxy/CMakeLists.txt
@@ -0,0 +1,25 @@
+project(lws-minimal-ws-raw-proxy C)
+cmake_minimum_required(VERSION 2.8.12)
+find_package(libwebsockets CONFIG REQUIRED)
+list(APPEND CMAKE_MODULE_PATH ${LWS_CMAKE_DIR})
+include(CheckCSourceCompiles)
+include(LwsCheckRequirements)
+
+set(SAMP lws-minimal-ws-raw-proxy)
+set(SRCS minimal-ws-raw-proxy.c)
+
+set(requirements 1)
+require_lws_config(LWS_ROLE_WS 1 requirements)
+require_lws_config(LWS_WITH_SERVER 1 requirements)
+require_lws_config(LWS_WITH_CLIENT 1 requirements)
+
+if (requirements)
+	add_executable(${SAMP} ${SRCS})
+
+	if (websockets_shared)
+		target_link_libraries(${SAMP} websockets_shared ${LIBWEBSOCKETS_DEP_LIBS})
+		add_dependencies(${SAMP} websockets_shared)
+	else()
+		target_link_libraries(${SAMP} websockets ${LIBWEBSOCKETS_DEP_LIBS})
+	endif()
+endif()
\ No newline at end of file
diff --git a/minimal-examples/ws-server/minimal-ws-raw-proxy/README.md b/minimal-examples/ws-server/minimal-ws-raw-proxy/README.md
new file mode 100644
index 000000000..687162ebe
--- /dev/null
+++ b/minimal-examples/ws-server/minimal-ws-raw-proxy/README.md
@@ -0,0 +1,54 @@
+# lws minimal ws - raw proxy
+
+This demonstrates how to use a proxy connection object to bind together two or
+more connections in a proxy.  This particular example has a ws server that
+creates an onward "raw" client connection to 127.0.0.1:1234.
+
+You can make a suitable "raw server" with
+
+```
+$ nc -l 127.0.0.1 1234
+```
+
+## build
+
+```
+ $ cmake . && make
+```
+
+## Commandline Options
+
+Option|Meaning
+---|---
+-d|Set logging verbosity
+
+
+## usage
+
+```
+ $ ./lws-minimal-ws-raw-proxy
+[2021/03/04 21:14:45:0540] U: LWS minimal ws-raw proxy | visit http://localhost:7681 (-s = use TLS / https)
+[2021/03/04 21:14:45:0898] N: LWS: 4.1.99-v4.1.0-294-g2776b4ce65, loglevel 1031
+[2021/03/04 21:14:45:0902] N: NET CLI SRV H1 H2 WS SS-JSON-POL SSPROX IPV6-on
+[2021/03/04 21:14:45:1146] N:  ++ [3224086|wsi|0|pipe] (1)
+[2021/03/04 21:14:45:1203] N:  ++ [3224086|vh|0|netlink] (1)
+[2021/03/04 21:14:45:1284] N:  ++ [3224086|vh|1|localhost||7681] (2)
+[2021/03/04 21:14:45:1401] N: lws_socket_bind: nowsi: source ads ::
+[2021/03/04 21:14:45:1425] N:  ++ [3224086|wsi|1|listen|localhost||7681] (2)
+[2021/03/04 21:14:46:1164] N:  ++ [3224086|wsisrv|0|adopted] (1)
+[2021/03/04 21:14:46:2771] N:  ++ [3224086|wsisrv|1|adopted] (2)
+[2021/03/04 21:14:46:3159] N:  ++ [3224086|wsicli|0|RAW/raw-skt/127.0.0.1] (1)
+[2021/03/04 21:14:46:3451] N:  ++ [3224086|wsisrv|2|adopted] (3)
+
+```
+
+Visit http://localhost:7681 in a browser... it loads JS that opens a ws
+connection to the proxy's ws server side.  That causes the proxy to open a
+raw client connection to 127.0.0.1:1234, and forward anything you type in the
+browser to the raw server, and anything typed in the raw server (you must
+press enter on netcat to get it sent) is proxied back to the browser.
+
+The proxy can handle many ws connections each with their individual onward
+raw client connections, so you could open multiple browser windows.  But you
+will need a better "raw server" than netcat, which is restricted to just the
+one peer at a time. 
\ No newline at end of file
diff --git a/minimal-examples/ws-server/minimal-ws-raw-proxy/localhost-100y.cert b/minimal-examples/ws-server/minimal-ws-raw-proxy/localhost-100y.cert
new file mode 100644
index 000000000..6f372db40
--- /dev/null
+++ b/minimal-examples/ws-server/minimal-ws-raw-proxy/localhost-100y.cert
@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIF5jCCA86gAwIBAgIJANq50IuwPFKgMA0GCSqGSIb3DQEBCwUAMIGGMQswCQYD
+VQQGEwJHQjEQMA4GA1UECAwHRXJld2hvbjETMBEGA1UEBwwKQWxsIGFyb3VuZDEb
+MBkGA1UECgwSbGlid2Vic29ja2V0cy10ZXN0MRIwEAYDVQQDDAlsb2NhbGhvc3Qx
+HzAdBgkqhkiG9w0BCQEWEG5vbmVAaW52YWxpZC5vcmcwIBcNMTgwMzIwMDQxNjA3
+WhgPMjExODAyMjQwNDE2MDdaMIGGMQswCQYDVQQGEwJHQjEQMA4GA1UECAwHRXJl
+d2hvbjETMBEGA1UEBwwKQWxsIGFyb3VuZDEbMBkGA1UECgwSbGlid2Vic29ja2V0
+cy10ZXN0MRIwEAYDVQQDDAlsb2NhbGhvc3QxHzAdBgkqhkiG9w0BCQEWEG5vbmVA
+aW52YWxpZC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCjYtuW
+aICCY0tJPubxpIgIL+WWmz/fmK8IQr11Wtee6/IUyUlo5I602mq1qcLhT/kmpoR8
+Di3DAmHKnSWdPWtn1BtXLErLlUiHgZDrZWInmEBjKM1DZf+CvNGZ+EzPgBv5nTek
+LWcfI5ZZtoGuIP1Dl/IkNDw8zFz4cpiMe/BFGemyxdHhLrKHSm8Eo+nT734tItnH
+KT/m6DSU0xlZ13d6ehLRm7/+Nx47M3XMTRH5qKP/7TTE2s0U6+M0tsGI2zpRi+m6
+jzhNyMBTJ1u58qAe3ZW5/+YAiuZYAB6n5bhUp4oFuB5wYbcBywVR8ujInpF8buWQ
+Ujy5N8pSNp7szdYsnLJpvAd0sibrNPjC0FQCNrpNjgJmIK3+mKk4kXX7ZTwefoAz
+TK4l2pHNuC53QVc/EF++GBLAxmvCDq9ZpMIYi7OmzkkAKKC9Ue6Ef217LFQCFIBK
+Izv9cgi9fwPMLhrKleoVRNsecBsCP569WgJXhUnwf2lon4fEZr3+vRuc9shfqnV0
+nPN1IMSnzXCast7I2fiuRXdIz96KjlGQpP4XfNVA+RGL7aMnWOFIaVrKWLzAtgzo
+GMTvP/AuehKXncBJhYtW0ltTioVx+5yTYSAZWl+IssmXjefxJqYi2/7QWmv1QC9p
+sNcjTMaBQLN03T1Qelbs7Y27sxdEnNUth4kI+wIDAQABo1MwUTAdBgNVHQ4EFgQU
+9mYU23tW2zsomkKTAXarjr2vjuswHwYDVR0jBBgwFoAU9mYU23tW2zsomkKTAXar
+jr2vjuswDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEANjIBMrow
+YNCbhAJdP7dhlhT2RUFRdeRUJD0IxrH/hkvb6myHHnK8nOYezFPjUlmRKUgNEDuA
+xbnXZzPdCRNV9V2mShbXvCyiDY7WCQE2Bn44z26O0uWVk+7DNNLH9BnkwUtOnM9P
+wtmD9phWexm4q2GnTsiL6Ul6cy0QlTJWKVLEUQQ6yda582e23J1AXqtqFcpfoE34
+H3afEiGy882b+ZBiwkeV+oq6XVF8sFyr9zYrv9CvWTYlkpTQfLTZSsgPdEHYVcjv
+xQ2D+XyDR0aRLRlvxUa9dHGFHLICG34Juq5Ai6lM1EsoD8HSsJpMcmrH7MWw2cKk
+ujC3rMdFTtte83wF1uuF4FjUC72+SmcQN7A386BC/nk2TTsJawTDzqwOu/VdZv2g
+1WpTHlumlClZeP+G/jkSyDwqNnTu1aodDmUa4xZodfhP1HWPwUKFcq8oQr148QYA
+AOlbUOJQU7QwRWd1VbnwhDtQWXC92A2w1n/xkZSR1BM/NUSDhkBSUU1WjMbWg6Gg
+mnIZLRerQCu1Oozr87rOQqQakPkyt8BUSNK3K42j2qcfhAONdRl8Hq8Qs5pupy+s
+8sdCGDlwR3JNCMv6u48OK87F4mcIxhkSefFJUFII25pCGN5WtE4p5l+9cnO1GrIX
+e2Hl/7M0c/lbZ4FvXgARlex2rkgS0Ka06HE=
+-----END CERTIFICATE-----
diff --git a/minimal-examples/ws-server/minimal-ws-raw-proxy/localhost-100y.key b/minimal-examples/ws-server/minimal-ws-raw-proxy/localhost-100y.key
new file mode 100644
index 000000000..148f8598e
--- /dev/null
+++ b/minimal-examples/ws-server/minimal-ws-raw-proxy/localhost-100y.key
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCjYtuWaICCY0tJ
+PubxpIgIL+WWmz/fmK8IQr11Wtee6/IUyUlo5I602mq1qcLhT/kmpoR8Di3DAmHK
+nSWdPWtn1BtXLErLlUiHgZDrZWInmEBjKM1DZf+CvNGZ+EzPgBv5nTekLWcfI5ZZ
+toGuIP1Dl/IkNDw8zFz4cpiMe/BFGemyxdHhLrKHSm8Eo+nT734tItnHKT/m6DSU
+0xlZ13d6ehLRm7/+Nx47M3XMTRH5qKP/7TTE2s0U6+M0tsGI2zpRi+m6jzhNyMBT
+J1u58qAe3ZW5/+YAiuZYAB6n5bhUp4oFuB5wYbcBywVR8ujInpF8buWQUjy5N8pS
+Np7szdYsnLJpvAd0sibrNPjC0FQCNrpNjgJmIK3+mKk4kXX7ZTwefoAzTK4l2pHN
+uC53QVc/EF++GBLAxmvCDq9ZpMIYi7OmzkkAKKC9Ue6Ef217LFQCFIBKIzv9cgi9
+fwPMLhrKleoVRNsecBsCP569WgJXhUnwf2lon4fEZr3+vRuc9shfqnV0nPN1IMSn
+zXCast7I2fiuRXdIz96KjlGQpP4XfNVA+RGL7aMnWOFIaVrKWLzAtgzoGMTvP/Au
+ehKXncBJhYtW0ltTioVx+5yTYSAZWl+IssmXjefxJqYi2/7QWmv1QC9psNcjTMaB
+QLN03T1Qelbs7Y27sxdEnNUth4kI+wIDAQABAoICAFWe8MQZb37k2gdAV3Y6aq8f
+qokKQqbCNLd3giGFwYkezHXoJfg6Di7oZxNcKyw35LFEghkgtQqErQqo35VPIoH+
+vXUpWOjnCmM4muFA9/cX6mYMc8TmJsg0ewLdBCOZVw+wPABlaqz+0UOiSMMftpk9
+fz9JwGd8ERyBsT+tk3Qi6D0vPZVsC1KqxxL/cwIFd3Hf2ZBtJXe0KBn1pktWht5A
+Kqx9mld2Ovl7NjgiC1Fx9r+fZw/iOabFFwQA4dr+R8mEMK/7bd4VXfQ1o/QGGbMT
+G+ulFrsiDyP+rBIAaGC0i7gDjLAIBQeDhP409ZhswIEc/GBtODU372a2CQK/u4Q/
+HBQvuBtKFNkGUooLgCCbFxzgNUGc83GB/6IwbEM7R5uXqsFiE71LpmroDyjKTlQ8
+YZkpIcLNVLw0usoGYHFm2rvCyEVlfsE3Ub8cFyTFk50SeOcF2QL2xzKmmbZEpXgl
+xBHR0hjgon0IKJDGfor4bHO7Nt+1Ece8u2oTEKvpz5aIn44OeC5mApRGy83/0bvs
+esnWjDE/bGpoT8qFuy+0urDEPNId44XcJm1IRIlG56ErxC3l0s11wrIpTmXXckqw
+zFR9s2z7f0zjeyxqZg4NTPI7wkM3M8BXlvp2GTBIeoxrWB4V3YArwu8QF80QBgVz
+mgHl24nTg00UH1OjZsABAoIBAQDOxftSDbSqGytcWqPYP3SZHAWDA0O4ACEM+eCw
+au9ASutl0IDlNDMJ8nC2ph25BMe5hHDWp2cGQJog7pZ/3qQogQho2gUniKDifN77
+40QdykllTzTVROqmP8+efreIvqlzHmuqaGfGs5oTkZaWj5su+B+bT+9rIwZcwfs5
+YRINhQRx17qa++xh5mfE25c+M9fiIBTiNSo4lTxWMBShnK8xrGaMEmN7W0qTMbFH
+PgQz5FcxRjCCqwHilwNBeLDTp/ZECEB7y34khVh531mBE2mNzSVIQcGZP1I/DvXj
+W7UUNdgFwii/GW+6M0uUDy23UVQpbFzcV8o1C2nZc4Fb4zwBAoIBAQDKSJkFwwuR
+naVJS6WxOKjX8MCu9/cKPnwBv2mmI2jgGxHTw5sr3ahmF5eTb8Zo19BowytN+tr6
+2ZFoIBA9Ubc9esEAU8l3fggdfM82cuR9sGcfQVoCh8tMg6BP8IBLOmbSUhN3PG2m
+39I802u0fFNVQCJKhx1m1MFFLOu7lVcDS9JN+oYVPb6MDfBLm5jOiPuYkFZ4gH79
+J7gXI0/YKhaJ7yXthYVkdrSF6Eooer4RZgma62Dd1VNzSq3JBo6rYjF7Lvd+RwDC
+R1thHrmf/IXplxpNVkoMVxtzbrrbgnC25QmvRYc0rlS/kvM4yQhMH3eA7IycDZMp
+Y+0xm7I7jTT7AoIBAGKzKIMDXdCxBWKhNYJ8z7hiItNl1IZZMW2TPUiY0rl6yaCh
+BVXjM9W0r07QPnHZsUiByqb743adkbTUjmxdJzjaVtxN7ZXwZvOVrY7I7fPWYnCE
+fXCr4+IVpZI/ZHZWpGX6CGSgT6EOjCZ5IUufIvEpqVSmtF8MqfXO9o9uIYLokrWQ
+x1dBl5UnuTLDqw8bChq7O5y6yfuWaOWvL7nxI8NvSsfj4y635gIa/0dFeBYZEfHI
+UlGdNVomwXwYEzgE/c19ruIowX7HU/NgxMWTMZhpazlxgesXybel+YNcfDQ4e3RM
+OMz3ZFiaMaJsGGNf4++d9TmMgk4Ns6oDs6Tb9AECggEBAJYzd+SOYo26iBu3nw3L
+65uEeh6xou8pXH0Tu4gQrPQTRZZ/nT3iNgOwqu1gRuxcq7TOjt41UdqIKO8vN7/A
+aJavCpaKoIMowy/aGCbvAvjNPpU3unU8jdl/t08EXs79S5IKPcgAx87sTTi7KDN5
+SYt4tr2uPEe53NTXuSatilG5QCyExIELOuzWAMKzg7CAiIlNS9foWeLyVkBgCQ6S
+me/L8ta+mUDy37K6vC34jh9vK9yrwF6X44ItRoOJafCaVfGI+175q/eWcqTX4q+I
+G4tKls4sL4mgOJLq+ra50aYMxbcuommctPMXU6CrrYyQpPTHMNVDQy2ttFdsq9iK
+TncCggEBAMmt/8yvPflS+xv3kg/ZBvR9JB1In2n3rUCYYD47ReKFqJ03Vmq5C9nY
+56s9w7OUO8perBXlJYmKZQhO4293lvxZD2Iq4NcZbVSCMoHAUzhzY3brdgtSIxa2
+gGveGAezZ38qKIU26dkz7deECY4vrsRkwhpTW0LGVCpjcQoaKvymAoCmAs8V2oMr
+Ziw1YQ9uOUoWwOqm1wZqmVcOXvPIS2gWAs3fQlWjH9hkcQTMsUaXQDOD0aqkSY3E
+NqOvbCV1/oUpRi3076khCoAXI1bKSn/AvR3KDP14B5toHI/F5OTSEiGhhHesgRrs
+fBrpEY1IATtPq1taBZZogRqI3rOkkPk=
+-----END PRIVATE KEY-----
diff --git a/minimal-examples/ws-server/minimal-ws-raw-proxy/minimal-ws-raw-proxy.c b/minimal-examples/ws-server/minimal-ws-raw-proxy/minimal-ws-raw-proxy.c
new file mode 100644
index 000000000..4fd5cb8ed
--- /dev/null
+++ b/minimal-examples/ws-server/minimal-ws-raw-proxy/minimal-ws-raw-proxy.c
@@ -0,0 +1,459 @@
+/*
+ * lws-minimal-ws-raw-proxy
+ *
+ * Written in 2010-2021 by Andy Green <andy@warmcat.com>
+ *
+ * This file is made available under the Creative Commons CC0 1.0
+ * Universal Public Domain Dedication.
+ *
+ * This demonstrates a ws (server) -> raw (client) proxy,  it's a ws server
+ * that accepts connections, creates an onward client connection to some other
+ * no-protocol server, eg, nc -l 127.0.0.1 1234
+ *
+ * The idea is to show the general approach for making async proxies using lws
+ * that are robust and valgrind-clean.
+ *
+ * There's no vhd or pss on either side.  Instead when the ws server gets an
+ * incoming connection and negotiates the ws link, he creates an object
+ * representing the proxied connection, it is not destroyed automatically when
+ * any particular wsi is closed, instead the last wsi that is part of the
+ * proxied connection destroys it when he is closed.
+ */
+
+#include <libwebsockets.h>
+#include <string.h>
+#include <signal.h>
+#include <string.h>
+
+/* one of these created for each pending message that is to be forwarded */
+
+typedef struct proxy_msg {
+	lws_dll2_t		list;
+	size_t			len;
+	/*
+	 * the packet content is overallocated here, if p is a pointer to
+	 * this struct, you can get a pointer to the message contents by
+	 * ((uint8_t)&p[1]) + LWS_PRE.
+	 *
+	 * Notice we additionally take care to overallocate LWS_PRE before the
+	 * actual message data, so we can simplify sending it.
+	 */
+} proxy_msg_t;
+
+/*
+ * One of these is created when a inbound ws connection joins, it represents
+ * the proxy action provoked by that.
+ */
+
+typedef struct proxy_conn {
+	struct lws		*wsi_ws; /* wsi for the inbound ws conn */
+	struct lws		*wsi_raw; /* wsi for the outbound raw conn */
+
+	lws_dll2_owner_t	pending_msg_to_ws;
+	lws_dll2_owner_t	pending_msg_to_raw;
+} proxy_conn_t;
+
+
+static int
+proxy_ws_raw_msg_destroy(struct lws_dll2 *d, void *user)
+{
+	proxy_msg_t *msg = lws_container_of(d, proxy_msg_t, list);
+
+	lws_dll2_remove(d);
+	free(msg);
+
+	return 0;
+}
+
+/*
+ * First the ws server side
+ */
+
+static int
+callback_proxy_ws_server(struct lws *wsi, enum lws_callback_reasons reason,
+			 void *user, void *in, size_t len)
+{
+	proxy_conn_t *pc = (proxy_conn_t *)lws_get_opaque_user_data(wsi);
+	struct lws_client_connect_info i;
+	proxy_msg_t *msg;
+	uint8_t *data;
+	int m, a;
+
+	switch (reason) {
+	case LWS_CALLBACK_ESTABLISHED:
+		/* so let's create the proxy connection object */
+		pc = malloc(sizeof(*pc));
+		memset(pc, 0, sizeof(*pc));
+
+		/* mark this accepted ws connection with the proxy conn obj */
+		lws_set_opaque_user_data(wsi, pc);
+		/* tell the proxy conn object that we are the ws side of it */
+		pc->wsi_ws = wsi;
+
+		/*
+		 * For this example proxy, our job is to create a new, onward,
+		 * raw client connection to proxy stuff on to
+		 */
+
+		memset(&i, 0, sizeof(i));
+
+		i.method = "RAW";
+		i.context = lws_get_context(wsi);
+		i.port = 1234;
+		i.address = "127.0.0.1";
+		i.ssl_connection = 0;
+		i.local_protocol_name = "lws-ws-raw-raw";
+
+		/* also mark the onward, raw client conn with the proxy_conn */
+		i.opaque_user_data = pc;
+		/* if it succeeds, set the wsi into the proxy_conn */
+		i.pwsi = &pc->wsi_raw;
+
+		if (!lws_client_connect_via_info(&i)) {
+			lwsl_warn("%s: onward connection failed\n", __func__);
+			return -1; /* hang up on the ws client, triggering
+				    * _CLOSE flow */
+		}
+
+		break;
+
+	case LWS_CALLBACK_CLOSED:
+		/*
+		 * Clean up any pending messages to us that are never going
+		 * to get delivered now, we are in the middle of closing
+		 */
+		lws_dll2_foreach_safe(&pc->pending_msg_to_ws, NULL,
+				      proxy_ws_raw_msg_destroy);
+
+		/*
+		 * Remove our pointer from the proxy_conn... we are about to
+		 * be destroyed.
+		 */
+		pc->wsi_ws = NULL;
+		lws_set_opaque_user_data(wsi, NULL);
+
+		if (!pc->wsi_raw) {
+			/*
+			 * The onward raw conn either never got started or is
+			 * already closed... then we are the last guy still
+			 * holding on to the proxy_conn... and we're going away
+			 * so let's destroy it
+			 */
+
+			free(pc);
+			break;
+		}
+
+		/*
+		 * Onward conn still alive...
+		 * does he have stuff left to deliver?
+		 */
+		if (pc->pending_msg_to_raw.count) {
+			/*
+			 * Yes, let him get on with trying to send
+			 * the remaining pieces... but put a time limit
+			 * on how hard he will try now the ws part is
+			 * disappearing... give him 3s
+			 */
+			lws_set_timeout(pc->wsi_raw,
+				PENDING_TIMEOUT_KILLED_BY_PROXY_CLIENT_CLOSE, 3);
+			break;
+		}
+		/*
+		 * Onward raw client conn doesn't have anything left
+		 * to do, let's close him right after this, he will take care to
+		 * destroy the proxy_conn when he goes down after he sees we
+		 * have already been closed
+		 */
+
+		lws_wsi_close(pc->wsi_raw, LWS_TO_KILL_ASYNC);
+		break;
+
+	case LWS_CALLBACK_SERVER_WRITEABLE:
+		if (!pc || !pc->pending_msg_to_ws.count)
+			break;
+
+		msg = lws_container_of(pc->pending_msg_to_ws.head,
+				       proxy_msg_t, list);
+		data = (uint8_t *)&msg[1] + LWS_PRE;
+
+		/* notice we allowed for LWS_PRE in the payload already */
+		m = lws_write(wsi, data, msg->len, LWS_WRITE_TEXT);
+		a = (int)msg->len;
+		lws_dll2_remove(&msg->list);
+		free(msg);
+
+		if (m < a) {
+			lwsl_err("ERROR %d writing to ws\n", m);
+			return -1;
+		}
+
+		/*
+		 * If more to do...
+		 */
+		if (pc->pending_msg_to_ws.count)
+			lws_callback_on_writable(wsi);
+		break;
+
+	case LWS_CALLBACK_RECEIVE:
+		if (!pc || !pc->wsi_raw)
+			break;
+
+		/* notice we over-allocate by LWS_PRE + rx len */
+		msg = (proxy_msg_t *)malloc(sizeof(*msg) + LWS_PRE + len);
+		data = (uint8_t *)&msg[1] + LWS_PRE;
+
+		if (!msg) {
+			lwsl_user("OOM: dropping\n");
+			break;
+		}
+
+		memset(msg, 0, sizeof(*msg));
+		msg->len = len;
+		memcpy(data, in, len);
+
+		/* add us on to the list of packets to send to the onward conn */
+		lws_dll2_add_tail(&msg->list, &pc->pending_msg_to_raw);
+
+		/* ask to send on the onward proxy client conn */
+		lws_callback_on_writable(pc->wsi_raw);
+		break;
+
+	default:
+		break;
+	}
+
+	return 0;
+}
+
+/*
+ * Then the onward, raw client side
+ */
+
+static int
+callback_proxy_raw_client(struct lws *wsi, enum lws_callback_reasons reason,
+			  void *user, void *in, size_t len)
+{
+	proxy_conn_t *pc = (proxy_conn_t *)lws_get_opaque_user_data(wsi);
+	proxy_msg_t *msg;
+	uint8_t *data;
+	int m, a;
+
+	switch (reason) {
+	case LWS_CALLBACK_CLIENT_CONNECTION_ERROR:
+		lwsl_warn("%s: onward raw connection failed\n", __func__);
+		pc->wsi_raw = NULL;
+		break;
+
+	case LWS_CALLBACK_RAW_ADOPT:
+		lwsl_user("LWS_CALLBACK_RAW_ADOPT\n");
+		pc->wsi_raw = wsi;
+		lws_callback_on_writable(wsi);
+		break;
+
+	case LWS_CALLBACK_RAW_CLOSE:
+		lwsl_user("LWS_CALLBACK_RAW_CLOSE\n");
+		/*
+		 * Clean up any pending messages to us that are never going
+		 * to get delivered now, we are in the middle of closing
+		 */
+		lws_dll2_foreach_safe(&pc->pending_msg_to_raw, NULL,
+				      proxy_ws_raw_msg_destroy);
+
+		/*
+		 * Remove our pointer from the proxy_conn... we are about to
+		 * be destroyed.
+		 */
+		pc->wsi_raw = NULL;
+		lws_set_opaque_user_data(wsi, NULL);
+
+		if (!pc->wsi_ws) {
+			/*
+			 * The original ws conn is already closed... then we are
+			 * the last guy still holding on to the proxy_conn...
+			 * and we're going away, so let's destroy it
+			 */
+
+			free(pc);
+			break;
+		}
+
+		/*
+		 * Original ws conn still alive...
+		 * does he have stuff left to deliver?
+		 */
+		if (pc->pending_msg_to_ws.count) {
+			/*
+			 * Yes, let him get on with trying to send
+			 * the remaining pieces... but put a time limit
+			 * on how hard he will try now the raw part is
+			 * disappearing... give him 3s
+			 */
+			lws_set_timeout(pc->wsi_ws,
+				PENDING_TIMEOUT_KILLED_BY_PROXY_CLIENT_CLOSE, 3);
+			break;
+		}
+		/*
+		 * Original ws client conn doesn't have anything left
+		 * to do, let's close him right after this, he will take care to
+		 * destroy the proxy_conn when he goes down after he sees we
+		 * have already been closed
+		 */
+
+		lws_wsi_close(pc->wsi_ws, LWS_TO_KILL_ASYNC);
+		break;
+
+	case LWS_CALLBACK_RAW_RX:
+		lwsl_user("LWS_CALLBACK_RAW_RX (%d)\n", (int)len);
+		if (!pc || !pc->wsi_ws)
+			break;
+
+		/* notice we over-allocate by LWS_PRE + rx len */
+		msg = (proxy_msg_t *)malloc(sizeof(*msg) + LWS_PRE + len);
+		data = (uint8_t *)&msg[1] + LWS_PRE;
+
+		if (!msg) {
+			lwsl_user("OOM: dropping\n");
+			break;
+		}
+
+		memset(msg, 0, sizeof(*msg));
+		msg->len = len;
+		memcpy(data, in, len);
+
+		/* add us on to the list of packets to send to the onward conn */
+		lws_dll2_add_tail(&msg->list, &pc->pending_msg_to_ws);
+
+		/* ask to send on the onward proxy client conn */
+		lws_callback_on_writable(pc->wsi_ws);
+		break;
+
+	case LWS_CALLBACK_RAW_WRITEABLE:
+		lwsl_user("LWS_CALLBACK_RAW_WRITEABLE\n");
+		if (!pc || !pc->pending_msg_to_raw.count)
+			break;
+
+		msg = lws_container_of(pc->pending_msg_to_raw.head,
+				       proxy_msg_t, list);
+		data = (uint8_t *)&msg[1] + LWS_PRE;
+
+		/* notice we allowed for LWS_PRE in the payload already */
+		m = lws_write(wsi, data, msg->len, LWS_WRITE_TEXT);
+		a = (int)msg->len;
+		lws_dll2_remove(&msg->list);
+		free(msg);
+
+		if (m < a) {
+			lwsl_err("ERROR %d writing to raw\n", m);
+			return -1;
+		}
+
+		/*
+		 * If more to do...
+		 */
+		if (pc->pending_msg_to_raw.count)
+			lws_callback_on_writable(wsi);
+		break;
+	default:
+		break;
+	}
+
+	return 0;
+}
+
+static struct lws_protocols protocols[] = {
+	{ "http", lws_callback_http_dummy, 0, 0 },
+	{ "lws-ws-raw-ws", callback_proxy_ws_server, 0, 1024 },
+	{ "lws-ws-raw-raw", callback_proxy_raw_client, 0, 1024 },
+	{ NULL, NULL, 0, 0 } /* terminator */
+};
+
+static const lws_retry_bo_t retry = {
+	.secs_since_valid_ping = 3,
+	.secs_since_valid_hangup = 10,
+};
+
+static int interrupted;
+
+static const struct lws_http_mount mount = {
+	/* .mount_next */		NULL,		/* linked-list "next" */
+	/* .mountpoint */		"/",		/* mountpoint URL */
+	/* .origin */			"./mount-origin",  /* serve from dir */
+	/* .def */			"index.html",	/* default filename */
+	/* .protocol */			NULL,
+	/* .cgienv */			NULL,
+	/* .extra_mimetypes */		NULL,
+	/* .interpret */		NULL,
+	/* .cgi_timeout */		0,
+	/* .cache_max_age */		0,
+	/* .auth_mask */		0,
+	/* .cache_reusable */		0,
+	/* .cache_revalidate */		0,
+	/* .cache_intermediaries */	0,
+	/* .origin_protocol */		LWSMPRO_FILE,	/* files in a dir */
+	/* .mountpoint_len */		1,		/* char count */
+	/* .basic_auth_login_file */	NULL,
+};
+
+void sigint_handler(int sig)
+{
+	interrupted = 1;
+}
+
+int main(int argc, const char **argv)
+{
+	struct lws_context_creation_info info;
+	struct lws_context *context;
+	const char *p;
+	int n = 0, logs = LLL_USER | LLL_ERR | LLL_WARN | LLL_NOTICE
+			/* for LLL_ verbosity above NOTICE to be built into lws,
+			 * lws must have been configured and built with
+			 * -DCMAKE_BUILD_TYPE=DEBUG instead of =RELEASE */
+			/* | LLL_INFO */ /* | LLL_PARSER */ /* | LLL_HEADER */
+			/* | LLL_EXT */ /* | LLL_CLIENT */ /* | LLL_LATENCY */
+			/* | LLL_DEBUG */;
+
+	signal(SIGINT, sigint_handler);
+
+	if ((p = lws_cmdline_option(argc, argv, "-d")))
+		logs = atoi(p);
+
+	lws_set_log_level(logs, NULL);
+	lwsl_user("LWS minimal ws-raw proxy | visit http://localhost:7681 (-s = use TLS / https)\n");
+
+	memset(&info, 0, sizeof info); /* otherwise uninitialized garbage */
+	info.port = 7681;
+	info.mounts = &mount;
+	info.protocols = protocols;
+	info.vhost_name = "localhost";
+	info.options =
+		LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE;
+
+#if defined(LWS_WITH_TLS)
+	if (lws_cmdline_option(argc, argv, "-s")) {
+		lwsl_user("Server using TLS\n");
+		info.options |= LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT;
+		info.ssl_cert_filepath = "localhost-100y.cert";
+		info.ssl_private_key_filepath = "localhost-100y.key";
+	}
+#endif
+
+	if (lws_cmdline_option(argc, argv, "-h"))
+		info.options |= LWS_SERVER_OPTION_VHOST_UPG_STRICT_HOST_CHECK;
+
+	if (lws_cmdline_option(argc, argv, "-v"))
+		info.retry_and_idle_policy = &retry;
+
+	context = lws_create_context(&info);
+	if (!context) {
+		lwsl_err("lws init failed\n");
+		return 1;
+	}
+
+	while (n >= 0 && !interrupted)
+		n = lws_service(context, 0);
+
+	lws_context_destroy(context);
+
+	return 0;
+}
diff --git a/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/example.js b/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/example.js
new file mode 100644
index 000000000..d350dee95
--- /dev/null
+++ b/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/example.js
@@ -0,0 +1,66 @@
+
+function get_appropriate_ws_url(extra_url)
+{
+	var pcol;
+	var u = document.URL;
+
+	/*
+	 * We open the websocket encrypted if this page came on an
+	 * https:// url itself, otherwise unencrypted
+	 */
+
+	if (u.substring(0, 5) === "https") {
+		pcol = "wss://";
+		u = u.substr(8);
+	} else {
+		pcol = "ws://";
+		if (u.substring(0, 4) === "http")
+			u = u.substr(7);
+	}
+
+	u = u.split("/");
+
+	/* + "/xxx" bit is for IE10 workaround */
+
+	return pcol + u[0] + "/" + extra_url;
+}
+
+function new_ws(urlpath, protocol)
+{
+	return new WebSocket(urlpath, protocol);
+}
+
+document.addEventListener("DOMContentLoaded", function() {
+	
+	var ws = new_ws(get_appropriate_ws_url(""), "lws-ws-raw-ws");
+	try {
+		ws.onopen = function() {
+			document.getElementById("m").disabled = 0;
+			document.getElementById("b").disabled = 0;
+		};
+	
+		ws.onmessage =function got_packet(msg) {
+			document.getElementById("r").value =
+				document.getElementById("r").value + msg.data + "\n";
+			document.getElementById("r").scrollTop =
+				document.getElementById("r").scrollHeight;
+		};
+	
+		ws.onclose = function(){
+			document.getElementById("m").disabled = 1;
+			document.getElementById("b").disabled = 1;
+		};
+	} catch(exception) {
+		alert("<p>Error " + exception);  
+	}
+	
+	function sendmsg()
+	{
+		ws.send(document.getElementById("m").value);
+		document.getElementById("m").value = "";
+	}
+	
+	document.getElementById("b").addEventListener("click", sendmsg);
+	
+}, false);
+
diff --git a/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/favicon.ico b/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/favicon.ico
new file mode 100644
index 000000000..c0cc2e3df
Binary files /dev/null and b/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/favicon.ico differ
diff --git a/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/index.html b/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/index.html
new file mode 100644
index 000000000..9c1dc9a49
--- /dev/null
+++ b/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/index.html
@@ -0,0 +1,19 @@
+<html>
+ <head>
+  <meta charset=utf-8 http-equiv="Content-Language" content="en"/>
+  <script src="/example.js"></script>
+ </head>
+	<body>
+		<img src="libwebsockets.org-logo.svg">
+		<img src="strict-csp.svg"><br>
+	
+		LWS chat <b>minimal ws server example</b>.<br>
+		Chat is sent to all browsers open on this page.
+		<br>
+		<br>
+		<textarea id=r readonly cols=40 rows=10></textarea><br>
+		<input type="text" id=m cols=40 rows=1>
+		<button id=b>Send</button>
+	</body>
+</html>
+
diff --git a/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/libwebsockets.org-logo.svg b/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/libwebsockets.org-logo.svg
new file mode 100644
index 000000000..ef241b37c
--- /dev/null
+++ b/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/libwebsockets.org-logo.svg
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg width="117.26mm" height="19.676mm" version="1.1" viewBox="0 0 117.26 19.677" xmlns="http://www.w3.org/2000/svg" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
+<metadata>
+<rdf:RDF>
+<cc:Work rdf:about="">
+<dc:format>image/svg+xml</dc:format>
+<dc:type rdf:resource="http://purl.org/dc/dcmitype/StillImage"/>
+<dc:title/>
+</cc:Work>
+</rdf:RDF>
+</metadata>
+<path d="m0-2.6715e-4h117.26v19.677h-117.26z" fill="none"/>
+<g transform="matrix(.63895 0 0 .63895 2.5477 3.6562)">
+<g transform="matrix(.9517 0 0 .9517 3.2398 -93.904)">
+<path d="m9.5909 107.4h2.5567v2.649h-2.5567z"/>
+<path d="m12.12 107.36a1.2625 1.2625 0 0 1-1.2625 1.262 1.2625 1.2625 0 0 1-1.2625-1.262 1.2625 1.2625 0 0 1 1.2625-1.262 1.2625 1.2625 0 0 1 1.2625 1.262" stroke-linecap="round" stroke-width="1.0365"/>
+<path d="m12.127 110.05a1.2625 1.2625 0 0 1-1.2625 1.262 1.2625 1.2625 0 0 1-1.2625-1.262 1.2625 1.2625 0 0 1 1.2625-1.262 1.2625 1.2625 0 0 1 1.2625 1.262" stroke-linecap="round" stroke-width="1.0365"/>
+</g>
+<path d="m12.174 13.987a1.2015 1.2015 0 0 1-1.2024 1.2024 1.2015 1.2015 0 0 1-1.2006-1.2024 1.2015 1.2015 0 0 1 1.2006-1.2005 1.2015 1.2015 0 0 1 1.2024 1.2005" stroke-linecap="round" stroke-width=".98647"/>
+<path d="m8.2754 5.0474h2.468v5.6755h-2.468z"/>
+<path d="m16.25 13.965a1.2015 1.2015 0 0 1-1.2027 1.2005 1.2015 1.2015 0 0 1-1.2004-1.2005 1.2015 1.2015 0 0 1 1.2004-1.2025 1.2015 1.2015 0 0 1 1.2027 1.2025" stroke-linecap="round" stroke-width=".98647"/>
+<path d="m19.545 13.928a1.2015 1.2015 0 0 1-1.2025 1.2026 1.2015 1.2015 0 0 1-1.2003-1.2026 1.2015 1.2015 0 0 1 1.2003-1.2005 1.2015 1.2015 0 0 1 1.2025 1.2005" stroke-linecap="round" stroke-width=".98647"/>
+<path d="m23.75 13.902a1.2015 1.2015 0 0 1-1.2005 1.2024 1.2015 1.2015 0 0 1-1.2025-1.2024 1.2015 1.2015 0 0 1 1.2025-1.2005 1.2015 1.2015 0 0 1 1.2005 1.2005" stroke-linecap="round" stroke-width=".98647"/>
+<path d="m26.249 5.0292a1.2015 1.2015 0 0 1-1.2027 1.2004 1.2015 1.2015 0 0 1-1.2004-1.2004 1.2015 1.2015 0 0 1 1.2004-1.2026 1.2015 1.2015 0 0 1 1.2027 1.2026" stroke-linecap="round" stroke-width=".98647"/>
+<g transform="matrix(.9517 0 0 .9517 6.3252 -93.961)">
+<path d="m9.5909 107.4h2.5567v2.649h-2.5567z"/>
+<path d="m12.12 107.36a1.2625 1.2625 0 0 1-1.2625 1.262 1.2625 1.2625 0 0 1-1.2625-1.262 1.2625 1.2625 0 0 1 1.2625-1.262 1.2625 1.2625 0 0 1 1.2625 1.262" stroke-linecap="round" stroke-width="1.0365"/>
+<path d="m12.127 110.05a1.2625 1.2625 0 0 1-1.2625 1.262 1.2625 1.2625 0 0 1-1.2625-1.262 1.2625 1.2625 0 0 1 1.2625-1.262 1.2625 1.2625 0 0 1 1.2625 1.262" stroke-linecap="round" stroke-width="1.0365"/>
+</g>
+<g transform="matrix(.9517 0 0 .9517 9.3806 -93.988)">
+<path d="m9.5909 107.4h2.5567v2.649h-2.5567z"/>
+<path d="m12.12 107.36a1.2625 1.2625 0 0 1-1.2625 1.262 1.2625 1.2625 0 0 1-1.2625-1.262 1.2625 1.2625 0 0 1 1.2625-1.262 1.2625 1.2625 0 0 1 1.2625 1.262" stroke-linecap="round" stroke-width="1.0365"/>
+<path d="m12.127 110.05a1.2625 1.2625 0 0 1-1.2625 1.262 1.2625 1.2625 0 0 1-1.2625-1.262 1.2625 1.2625 0 0 1 1.2625-1.262 1.2625 1.2625 0 0 1 1.2625 1.262" stroke-linecap="round" stroke-width="1.0365"/>
+</g>
+<g transform="matrix(.9517 0 0 .9517 13.506 -94.006)">
+<path d="m9.5909 107.4h2.5567v2.649h-2.5567z"/>
+<path d="m12.12 107.36a1.2625 1.2625 0 0 1-1.2625 1.262 1.2625 1.2625 0 0 1-1.2625-1.262 1.2625 1.2625 0 0 1 1.2625-1.262 1.2625 1.2625 0 0 1 1.2625 1.262" stroke-linecap="round" stroke-width="1.0365"/>
+<path d="m12.127 110.05a1.2625 1.2625 0 0 1-1.2625 1.262 1.2625 1.2625 0 0 1-1.2625-1.262 1.2625 1.2625 0 0 1 1.2625-1.262 1.2625 1.2625 0 0 1 1.2625 1.262" stroke-linecap="round" stroke-width="1.0365"/>
+</g>
+<g transform="matrix(.9517 0 0 .9517 -.82062 -93.74)">
+<path d="m9.5909 107.4h2.5567v2.649h-2.5567z"/>
+<path d="m12.12 107.36a1.2625 1.2625 0 0 1-1.2625 1.262 1.2625 1.2625 0 0 1-1.2625-1.262 1.2625 1.2625 0 0 1 1.2625-1.262 1.2625 1.2625 0 0 1 1.2625 1.262" stroke-linecap="round" stroke-width="1.0365"/>
+<path d="m12.127 110.05a1.2625 1.2625 0 0 1-1.2625 1.262 1.2625 1.2625 0 0 1-1.2625-1.262 1.2625 1.2625 0 0 1 1.2625-1.262 1.2625 1.2625 0 0 1 1.2625 1.262" stroke-linecap="round" stroke-width="1.0365"/>
+</g>
+<path d="m10.703 5.0413a1.2015 1.2015 0 0 1-1.2006 1.2025 1.2015 1.2015 0 0 1-1.2025-1.2025 1.2015 1.2015 0 0 1 1.2025-1.2004 1.2015 1.2015 0 0 1 1.2006 1.2004" stroke-linecap="round" stroke-width=".98647"/>
+</g>
+<g transform="matrix(2.6825 0 0 2.6825 -289.72 -275.57)" dominant-baseline="auto" stroke-width=".29098" style="font-feature-settings:normal;font-variant-alternates:normal;font-variant-caps:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-position:normal;shape-padding:0;text-decoration-color:#000000;text-decoration-line:none;text-decoration-style:solid;text-indent:0;text-orientation:mixed;text-transform:none;white-space:normal" aria-label="libwebsockets.org">
+<path d="m117.05 105.01v2.752h0.224v-2.752z"/>
+<path d="m117.95 105.71v2.057h0.223v-2.057zm-0.04-0.695v0.318h0.297v-0.318z"/>
+<path d="m118.8 105.01v2.752h0.203l0.02-0.251c0.101 0.157 0.244 0.279 0.649 0.279 0.601 0 0.81-0.307 0.81-1.083 0-0.541-0.09-1.03-0.81-1.03-0.468 0-0.594 0.196-0.649 0.283v-0.95zm0.845 0.87c0.552 0 0.618 0.339 0.618 0.855 0 0.486-0.05 0.852-0.611 0.852-0.426 0-0.632-0.181-0.632-0.852 0-0.597 0.15-0.855 0.625-0.855z"/>
+<path d="m120.79 105.71 0.555 2.057h0.314l0.479-1.858 0.482 1.858h0.314l0.551-2.057h-0.23l-0.482 1.879-0.482-1.879h-0.303l-0.486 1.879-0.478-1.879z"/>
+<path d="m125.54 106.8v-0.157c0-0.433-0.06-0.964-0.869-0.964-0.824 0-0.891 0.566-0.891 1.079 0 0.688 0.196 1.034 0.926 1.034 0.495 0 0.792-0.178 0.831-0.663h-0.224c-0.01 0.377-0.262 0.464-0.628 0.464-0.611 0-0.688-0.314-0.685-0.793zm-1.54-0.195c0.02-0.374 0.08-0.727 0.667-0.727 0.493 0 0.653 0.21 0.65 0.727z"/>
+<path d="m126.04 105.01v2.752h0.203l0.02-0.251c0.101 0.157 0.244 0.279 0.649 0.279 0.601 0 0.81-0.307 0.81-1.083 0-0.541-0.09-1.03-0.81-1.03-0.468 0-0.593 0.196-0.649 0.283v-0.95zm0.845 0.87c0.552 0 0.618 0.339 0.618 0.855 0 0.486-0.05 0.852-0.611 0.852-0.426 0-0.632-0.181-0.632-0.852 0-0.597 0.151-0.855 0.625-0.855z"/>
+<path d="m129.86 106.28c0-0.24-0.06-0.604-0.799-0.604-0.426 0-0.814 0.109-0.814 0.601 0 0.381 0.241 0.471 0.489 0.503l0.576 0.08c0.273 0.04 0.381 0.08 0.381 0.338 0 0.315-0.224 0.391-0.618 0.391-0.646 0-0.646-0.223-0.646-0.481h-0.224c0 0.279 0.04 0.684 0.852 0.684 0.37 0 0.856-0.05 0.856-0.608 0-0.415-0.294-0.492-0.486-0.516l-0.607-0.08c-0.234-0.03-0.356-0.07-0.356-0.297 0-0.192 0.06-0.408 0.593-0.408 0.583 0 0.58 0.237 0.58 0.401z"/>
+<path d="m130.35 106.74c0 0.594 0.06 1.058 0.908 1.058 0.883 0 0.904-0.51 0.904-1.103 0-0.601-0.108-1.01-0.904-1.01-0.852 0-0.908 0.475-0.908 1.055zm0.908-0.852c0.569 0 0.684 0.213 0.684 0.803 0 0.636-0.05 0.904-0.684 0.904-0.584 0-0.688-0.223-0.688-0.824 0-0.6 0.04-0.883 0.688-0.883z"/>
+<path d="m134.12 107.03c0 0.471-0.22 0.565-0.656 0.565-0.496 0-0.667-0.181-0.667-0.838 0-0.782 0.272-0.869 0.677-0.869 0.283 0 0.625 0.06 0.625 0.531h0.22c0.01-0.734-0.639-0.734-0.845-0.734-0.632 0-0.897 0.245-0.897 1.058 0 0.793 0.248 1.055 0.908 1.055 0.468 0 0.834-0.115 0.859-0.768z"/>
+<path d="m135.05 106.64v-1.624h-0.22v2.752h0.22v-1.072l1.076 1.072h0.321l-1.149-1.1 1.041-0.957h-0.318z"/>
+<path d="m138.48 106.8v-0.157c0-0.433-0.06-0.964-0.87-0.964-0.824 0-0.89 0.566-0.89 1.079 0 0.688 0.195 1.034 0.925 1.034 0.496 0 0.793-0.178 0.831-0.663h-0.223c-0.01 0.377-0.262 0.464-0.629 0.464-0.611 0-0.688-0.314-0.684-0.793zm-1.54-0.195c0.02-0.374 0.08-0.727 0.667-0.727 0.492 0 0.653 0.21 0.649 0.727z"/>
+<path d="m139.29 105.71h-0.457v0.206h0.457v1.348c0 0.335 0.07 0.531 0.664 0.531 0.09 0 0.139 0 0.181-0.01v-0.209c-0.06 0-0.136 0.01-0.251 0.01-0.374 0-0.374-0.129-0.374-0.381v-1.292h0.541v-0.206h-0.541v-0.488h-0.22z"/>
+<path d="m142.15 106.28c0-0.24-0.06-0.604-0.799-0.604-0.426 0-0.814 0.109-0.814 0.601 0 0.381 0.241 0.471 0.489 0.503l0.576 0.08c0.272 0.04 0.381 0.08 0.381 0.338 0 0.315-0.224 0.391-0.618 0.391-0.646 0-0.646-0.223-0.646-0.481h-0.224c0 0.279 0.04 0.684 0.852 0.684 0.37 0 0.856-0.05 0.856-0.608 0-0.415-0.294-0.492-0.486-0.516l-0.607-0.08c-0.234-0.03-0.356-0.07-0.356-0.297 0-0.192 0.06-0.408 0.593-0.408 0.583 0 0.58 0.237 0.58 0.401z"/>
+<path d="m142.76 107.44v0.321h0.293v-0.321z"/>
+<path d="m143.54 106.74c0 0.594 0.06 1.058 0.908 1.058 0.883 0 0.904-0.51 0.904-1.103 0-0.601-0.108-1.01-0.904-1.01-0.852 0-0.908 0.475-0.908 1.055zm0.908-0.852c0.569 0 0.684 0.213 0.684 0.803 0 0.636-0.05 0.904-0.684 0.904-0.583 0-0.688-0.223-0.688-0.824 0-0.6 0.04-0.883 0.688-0.883z"/>
+<path d="m145.81 105.71v2.057h0.22v-1.337c0-0.542 0.419-0.542 0.569-0.542h0.206v-0.213c-0.37 0-0.576 0-0.775 0.259l-0.01-0.231z"/>
+<path d="m149.11 105.62c-0.331 0.01-0.391 0.136-0.429 0.217-0.143-0.14-0.44-0.158-0.646-0.158-0.503 0-0.821 0.14-0.821 0.601 0 0.119 0.02 0.272 0.126 0.398-0.175 0.02-0.265 0.157-0.265 0.325 0 0.1 0.04 0.258 0.22 0.311-0.07 0.03-0.245 0.132-0.245 0.408 0 0.412 0.374 0.51 1.006 0.51 0.593 0 0.971-0.09 0.971-0.541 0-0.297-0.175-0.465-0.601-0.489l-0.922-0.06c-0.105 0-0.223-0.05-0.223-0.182 0-0.08 0.04-0.132 0.153-0.195 0.123 0.09 0.322 0.126 0.629 0.126 0.384 0 0.82-0.05 0.82-0.625 0-0.172-0.04-0.227-0.08-0.297 0.06-0.112 0.108-0.133 0.307-0.143zm-1.065 0.258c0.535 0 0.622 0.182 0.622 0.388 0 0.339-0.178 0.426-0.611 0.426-0.423 0-0.622-0.07-0.622-0.384 0-0.356 0.192-0.43 0.611-0.43zm0.206 1.512c0.36 0.02 0.556 0.06 0.556 0.308 0 0.216-0.147 0.331-0.751 0.331-0.674 0-0.8-0.1-0.8-0.345 0-0.304 0.318-0.336 0.328-0.336z"/>
+</g>
+</svg>
diff --git a/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/strict-csp.svg b/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/strict-csp.svg
new file mode 100644
index 000000000..cd128f1d2
--- /dev/null
+++ b/minimal-examples/ws-server/minimal-ws-raw-proxy/mount-origin/strict-csp.svg
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg width="24.78mm" height="24.78mm" version="1.1" viewBox="0 0 24.780247 24.780247" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <defs>
+  <linearGradient id="linearGradient955" x1="66.618" x2="82.588" y1="81.176" y2="64.828" gradientTransform="matrix(.82538 0 0 .82538 -392 -92.399)" gradientUnits="userSpaceOnUse">
+   <stop stop-color="#0aa70b" offset="0"/>
+   <stop stop-color="#3bff39" offset="1"/>
+  </linearGradient>
+  <filter id="filter945" x="-.0516" y="-.0516" width="1.1032" height="1.1032" color-interpolation-filters="sRGB">
+   <feGaussianBlur stdDeviation="0.58510713"/>
+  </filter>
+ </defs>
+ <g transform="translate(342.15 43.638)">
+  <circle transform="matrix(.82538 0 0 .82538 -392 -92.399)" cx="75.406" cy="74.089" r="13.607" filter="url(#filter945)" stroke="#000" stroke-linecap="round" stroke-width="1.565"/>
+  <circle cx="-330.23" cy="-31.716" r="11.231" fill="url(#linearGradient955)" stroke="#000" stroke-linecap="round" stroke-width="1.2917"/>
+  <g transform="matrix(.70929 0 0 .70929 -99.465 -12.686)" stroke-width=".51676px" style="font-feature-settings:normal;font-variant-caps:normal;font-variant-ligatures:normal;font-variant-numeric:normal" aria-label="Strict">
+   <path d="m-330.78-33.775q0 0.73996-0.53676 1.154-0.53676 0.41407-1.4569 0.41407-0.99684 0-1.5336-0.25688v-0.62878q0.34506 0.14569 0.75147 0.23004 0.4064 0.08435 0.80514 0.08435 0.65177 0 0.9815-0.24538 0.32972-0.24921 0.32972-0.69012 0-0.29138-0.11885-0.47542-0.11502-0.18787-0.39107-0.34506-0.27221-0.15719-0.83198-0.35656-0.78213-0.27988-1.1195-0.66328-0.33356-0.3834-0.33356-1.0007 0-0.64794 0.48692-1.0313 0.48691-0.3834 1.2882-0.3834 0.83581 0 1.5374 0.30672l-0.2032 0.56743q-0.69395-0.29138-1.3496-0.29138-0.51759 0-0.80897 0.22237t-0.29138 0.61727q0 0.29138 0.10735 0.47925 0.10735 0.18403 0.36039 0.34123 0.25688 0.15336 0.78214 0.34122 0.88182 0.31439 1.2115 0.67478 0.33356 0.3604 0.33356 0.93549z"/>
+   <path d="m-328.37-32.732q0.16869 0 0.32589-0.023 0.15719-0.02684 0.24921-0.05368v0.48692q-0.10352 0.04984-0.30672 0.08051-0.19937 0.03451-0.3604 0.03451-1.2192 0-1.2192-1.2844v-2.4998h-0.60194v-0.30672l0.60194-0.26455 0.26838-0.89716h0.36807v0.97384h1.2192v0.49458h-1.2192v2.4729q0 0.37957 0.18019 0.58277 0.1802 0.2032 0.49459 0.2032z"/>
+   <path d="m-325.04-36.562q0.27989 0 0.50226 0.04601l-0.0882 0.59044q-0.26072-0.05751-0.46008-0.05751-0.50993 0-0.87415 0.41407-0.3604 0.41407-0.3604 1.0313v2.2544h-0.63644v-4.2021h0.52525l0.0729 0.7783h0.0307q0.23388-0.41024 0.5636-0.63261 0.32972-0.22237 0.72462-0.22237z"/>
+   <path d="m-323.11-32.284h-0.63644v-4.2021h0.63644zm-0.69012-5.3408q0-0.21854 0.10735-0.31822 0.10735-0.10352 0.26838-0.10352 0.15336 0 0.26455 0.10352 0.11118 0.10352 0.11118 0.31822 0 0.2147-0.11118 0.32206-0.11119 0.10352-0.26455 0.10352-0.16103 0-0.26838-0.10352-0.10735-0.10735-0.10735-0.32206z"/>
+   <path d="m-320.07-32.207q-0.91249 0-1.4147-0.55976-0.49842-0.5636-0.49842-1.5911 0-1.0543 0.50609-1.6294 0.50992-0.5751 1.4492-0.5751 0.30288 0 0.60577 0.06518 0.30288 0.06518 0.47541 0.15336l-0.19553 0.54059q-0.21087-0.08435-0.46008-0.13802-0.24921-0.05751-0.44091-0.05751-1.2806 0-1.2806 1.6333 0 0.77447 0.31055 1.1885 0.31439 0.41407 0.92783 0.41407 0.52526 0 1.0774-0.22621v0.5636q-0.42174 0.21854-1.062 0.21854z"/>
+   <path d="m-316.65-32.732q0.16869 0 0.32589-0.023 0.15719-0.02684 0.24921-0.05368v0.48692q-0.10352 0.04984-0.30672 0.08051-0.19937 0.03451-0.3604 0.03451-1.2192 0-1.2192-1.2844v-2.4998h-0.60194v-0.30672l0.60194-0.26455 0.26838-0.89716h0.36806v0.97384h1.2192v0.49458h-1.2192v2.4729q0 0.37957 0.1802 0.58277 0.1802 0.2032 0.49459 0.2032z"/>
+  </g>
+  <g fill="#fff">
+   <g transform="matrix(.70929 0 0 .70929 -99.465 -12.686)" stroke-width=".3317px" style="font-feature-settings:normal;font-variant-caps:normal;font-variant-ligatures:normal;font-variant-numeric:normal" aria-label="Content">
+    <path d="m-332.67-30.173q-0.5931 0-0.93764 0.39622-0.34208 0.39376-0.34208 1.0804 0 0.70631 0.32977 1.0927 0.33224 0.38392 0.94503 0.38392 0.37653 0 0.85889-0.13536v0.36669q-0.37407 0.14028-0.92288 0.14028-0.7949 0-1.228-0.48236-0.43067-0.48236-0.43067-1.3708 0-0.55619 0.20672-0.97456 0.20919-0.41837 0.60049-0.64478 0.39376-0.22641 0.92533-0.22641 0.56603 0 0.98933 0.20672l-0.1772 0.35931q-0.40852-0.19196-0.81705-0.19196z"/>
+    <path d="m-328.77-28.248q0 0.65955-0.33224 1.0312-0.33223 0.36915-0.91795 0.36915-0.36177 0-0.64233-0.16981-0.28055-0.16981-0.43313-0.48728-0.15259-0.31747-0.15259-0.74322 0-0.65955 0.32978-1.0262 0.32977-0.36915 0.91549-0.36915 0.56603 0 0.89827 0.37653 0.3347 0.37653 0.3347 1.0189zm-2.0549 0q0 0.51681 0.20672 0.78752 0.20673 0.27071 0.60787 0.27071t0.60787-0.26825q0.20918-0.27071 0.20918-0.78998 0-0.51435-0.20918-0.78014-0.20673-0.26825-0.61279-0.26825-0.40115 0-0.60541 0.26333-0.20426 0.26333-0.20426 0.78506z"/>
+    <path d="m-326.21-26.897v-1.7449q0-0.32978-0.15012-0.4922-0.15012-0.16243-0.47005-0.16243-0.42329 0-0.62017 0.22887-0.19688 0.22887-0.19688 0.75553v1.4151h-0.40853v-2.6973h0.33223l0.0664 0.36915h0.0197q0.12551-0.19934 0.35192-0.30762 0.22642-0.11075 0.50451-0.11075 0.48728 0 0.73338 0.23626 0.2461 0.2338 0.2461 0.75061v1.7596z"/>
+    <path d="m-324.09-27.185q0.10828 0 0.20918-0.01477 0.1009-0.01723 0.15997-0.03445v0.31255q-0.0665 0.03199-0.19688 0.05168-0.12797 0.02215-0.23134 0.02215-0.7826 0-0.7826-0.82444v-1.6046h-0.38637v-0.19688l0.38637-0.16981 0.17227-0.57588h0.23626v0.6251h0.7826v0.31747h-0.7826v1.5873q0 0.24364 0.11567 0.37407 0.11566 0.13043 0.31747 0.13043z"/>
+    <path d="m-322.04-26.848q-0.59802 0-0.94502-0.36423-0.34454-0.36423-0.34454-1.0115 0-0.65217 0.31993-1.0361 0.32239-0.38392 0.86381-0.38392 0.50697 0 0.80229 0.3347 0.29532 0.33224 0.29532 0.87858v0.25841h-1.8581q0.0123 0.47497 0.23872 0.72107 0.22887 0.2461 0.64232 0.2461 0.4356 0 0.86135-0.18212v0.36423q-0.21657 0.09352-0.41099 0.13289-0.19195 0.04184-0.46513 0.04184zm-0.11074-2.4536q-0.32485 0-0.51927 0.21165-0.19196 0.21165-0.22642 0.58572h1.4102q0-0.38638-0.17227-0.59064-0.17227-0.20672-0.4922-0.20672z"/>
+    <path d="m-318.51-26.897v-1.7449q0-0.32978-0.15012-0.4922-0.15013-0.16243-0.47006-0.16243-0.42329 0-0.62017 0.22887-0.19688 0.22887-0.19688 0.75553v1.4151h-0.40853v-2.6973h0.33224l0.0664 0.36915h0.0197q0.12552-0.19934 0.35193-0.30762 0.22641-0.11075 0.5045-0.11075 0.48728 0 0.73338 0.23626 0.2461 0.2338 0.2461 0.75061v1.7596z"/>
+    <path d="m-316.4-27.185q0.10829 0 0.20919-0.01477 0.1009-0.01723 0.15996-0.03445v0.31255q-0.0664 0.03199-0.19688 0.05168-0.12797 0.02215-0.23133 0.02215-0.7826 0-0.7826-0.82444v-1.6046h-0.38638v-0.19688l0.38638-0.16981 0.17227-0.57588h0.23625v0.6251h0.7826v0.31747h-0.7826v1.5873q0 0.24364 0.11567 0.37407 0.11567 0.13043 0.31747 0.13043z"/>
+   </g>
+   <g transform="matrix(.70929 0 0 .70929 -99.465 -12.686)" stroke-width=".32428px" style="font-feature-settings:normal;font-variant-caps:normal;font-variant-ligatures:normal;font-variant-numeric:normal" aria-label="Security">
+    <path d="m-332.03-22.859q0 0.46434-0.33683 0.72417-0.33682 0.25984-0.91423 0.25984-0.62553 0-0.96236-0.1612v-0.39456q0.21653 0.09142 0.47155 0.14435 0.25503 0.05293 0.50524 0.05293 0.409 0 0.61591-0.15398 0.20691-0.15638 0.20691-0.43306 0-0.18285-0.0746-0.29833-0.0722-0.11789-0.2454-0.21653-0.17082-0.09864-0.52208-0.22375-0.4908-0.17563-0.70252-0.41622-0.20931-0.24059-0.20931-0.62794 0-0.4066 0.30555-0.64718t0.80838-0.24059q0.52448 0 0.96476 0.19247l-0.12751 0.35607q-0.43547-0.18285-0.84687-0.18285-0.3248 0-0.50765 0.13954-0.18284 0.13954-0.18284 0.38735 0 0.18285 0.0674 0.30074 0.0674 0.11548 0.22615 0.21412 0.1612 0.09624 0.4908 0.21412 0.55336 0.19728 0.76027 0.42344 0.20931 0.22615 0.20931 0.58704z"/>
+    <path d="m-330.26-21.875q-0.58463 0-0.92386-0.35607-0.33683-0.35607-0.33683-0.98882 0-0.63756 0.31277-1.0129 0.31517-0.37532 0.84446-0.37532 0.49562 0 0.78432 0.3272 0.28871 0.3248 0.28871 0.8589v0.25262h-1.8164q0.012 0.46434 0.23338 0.70492 0.22374 0.24059 0.62793 0.24059 0.42584 0 0.84206-0.17804v0.35607q-0.21171 0.09142-0.40178 0.12992-0.18766 0.0409-0.45471 0.0409zm-0.10827-2.3987q-0.31757 0-0.50764 0.20691-0.18766 0.20691-0.22134 0.5726h1.3786q0-0.37772-0.16841-0.57741-0.16841-0.2021-0.48118-0.2021z"/>
+    <path d="m-327.56-21.875q-0.5726 0-0.88777-0.35126-0.31277-0.35366-0.31277-0.99844 0-0.66162 0.31758-1.0225 0.31998-0.36088 0.90942-0.36088 0.19007 0 0.38013 0.0409 0.19007 0.0409 0.29833 0.09624l-0.1227 0.33923q-0.13232-0.05293-0.2887-0.08661-0.15639-0.03609-0.27668-0.03609-0.80357 0-0.80357 1.0249 0 0.48599 0.19488 0.74582 0.19728 0.25984 0.58223 0.25984 0.3296 0 0.67605-0.14195v0.35366q-0.26465 0.13714-0.66643 0.13714z"/>
+    <path d="m-325.89-24.56v1.7106q0 0.32239 0.14676 0.48118 0.14675 0.15879 0.45952 0.15879 0.41381 0 0.60388-0.22615 0.19247-0.22615 0.19247-0.73861v-1.3858h0.39938v2.6369h-0.32961l-0.0577-0.35367h-0.0217q-0.1227 0.19488-0.34163 0.29833-0.21653 0.10345-0.49561 0.10345-0.48118 0-0.72177-0.22856-0.23818-0.22856-0.23818-0.73139v-1.725z"/>
+    <path d="m-322.04-24.608q0.17563 0 0.31517 0.02887l-0.0553 0.37051q-0.1636-0.03609-0.2887-0.03609-0.31999 0-0.54855 0.25984-0.22615 0.25984-0.22615 0.64718v1.4147h-0.39938v-2.6369h0.32961l0.0457 0.4884h0.0192q0.14676-0.25743 0.35366-0.39697 0.20691-0.13954 0.45472-0.13954z"/>
+    <path d="m-320.83-21.923h-0.39938v-2.6369h0.39938zm-0.43306-3.3514q0-0.13714 0.0674-0.19969 0.0674-0.06496 0.16841-0.06496 0.0962 0 0.16601 0.06496 0.0698 0.06496 0.0698 0.19969 0 0.13473-0.0698 0.2021-0.0698 0.06496-0.16601 0.06496-0.10105 0-0.16841-0.06496-0.0674-0.06736-0.0674-0.2021z"/>
+    <path d="m-319.13-22.205q0.10586 0 0.2045-0.01443 0.0986-0.01684 0.15638-0.03368v0.30555q-0.065 0.03128-0.19247 0.05052-0.1251 0.02165-0.22615 0.02165-0.76507 0-0.76507-0.80597v-1.5686h-0.37773v-0.19247l0.37773-0.16601 0.16841-0.56298h0.23096v0.6111h0.76508v0.31036h-0.76508v1.5518q0 0.23818 0.11308 0.3657t0.31036 0.12751z"/>
+    <path d="m-318.66-24.56h0.42825l0.57742 1.5037q0.19006 0.51486 0.23577 0.74342h0.0192q0.0313-0.1227 0.12992-0.41862 0.10105-0.29833 0.6544-1.8285h0.42825l-1.1332 3.0025q-0.16841 0.44509-0.39456 0.63034-0.22375 0.18766-0.55095 0.18766-0.18285 0-0.36088-0.0409v-0.31998q0.13232 0.02887 0.29592 0.02887 0.41141 0 0.58704-0.46193l0.14676-0.37532z"/>
+   </g>
+   <g transform="matrix(.70929 0 0 .70929 -99.465 -12.686)" stroke-width=".32334px" style="font-feature-settings:normal;font-variant-caps:normal;font-variant-ligatures:normal;font-variant-numeric:normal" aria-label="Policy">
+    <path d="m-329.37-19.254q0 0.53256-0.36464 0.82043-0.36224 0.28547-1.0387 0.28547h-0.41261v1.3794h-0.40782v-3.5072h0.90919q1.3146 0 1.3146 1.0219zm-1.816 0.75566h0.36703q0.54215 0 0.78445-0.17512 0.24229-0.17512 0.24229-0.56135 0-0.34784-0.2279-0.51817t-0.71008-0.17032h-0.45579z"/>
+    <path d="m-326.43-18.086q0 0.64291-0.32386 1.0051-0.32385 0.35984-0.89479 0.35984-0.35264 0-0.62612-0.16552t-0.42221-0.47498q-0.14873-0.30946-0.14873-0.72447 0-0.64291 0.32145-1.0003 0.32146-0.35984 0.8924-0.35984 0.55175 0 0.8756 0.36703 0.32626 0.36704 0.32626 0.99315zm-2.0031 0q0 0.50377 0.20151 0.76765t0.59253 0.26388q0.39103 0 0.59254-0.26148 0.2039-0.26388 0.2039-0.77005 0-0.50137-0.2039-0.76046-0.20151-0.26148-0.59733-0.26148-0.39103 0-0.59014 0.25668-0.19911 0.25668-0.19911 0.76525z"/>
+    <path d="m-325.33-16.769h-0.39822v-3.7327h0.39822z"/>
+    <path d="m-324.09-16.769h-0.39822v-2.6292h0.39822zm-0.43181-3.3417q0-0.13674 0.0672-0.19911 0.0672-0.06477 0.16793-0.06477 0.0959 0 0.16552 0.06477 0.0696 0.06477 0.0696 0.19911t-0.0696 0.20151q-0.0696 0.06477-0.16552 0.06477-0.10076 0-0.16793-0.06477-0.0672-0.06717-0.0672-0.20151z"/>
+    <path d="m-322.19-16.721q-0.57094 0-0.8852-0.35024-0.31186-0.35264-0.31186-0.99555 0-0.6597 0.31666-1.0195 0.31906-0.35984 0.90679-0.35984 0.18951 0 0.37903 0.04078 0.18951 0.04078 0.29746 0.09596l-0.12234 0.33825q-0.13194-0.05278-0.28787-0.08636-0.15593-0.03598-0.27588-0.03598-0.80123 0-0.80123 1.0219 0 0.48458 0.19431 0.74366 0.19671 0.25908 0.58054 0.25908 0.32865 0 0.67409-0.14154v0.35264q-0.26388 0.13674-0.6645 0.13674z"/>
+    <path d="m-321.31-19.398h0.427l0.57574 1.4993q0.18952 0.51337 0.2351 0.74127h0.0192q0.0312-0.12234 0.12954-0.41741 0.10076-0.29747 0.65251-1.8232h0.427l-1.1299 2.9938q-0.16792 0.4438-0.39342 0.62852-0.2231 0.18712-0.54935 0.18712-0.18232 0-0.35984-0.04078v-0.31906q0.13194 0.02879 0.29507 0.02879 0.41021 0 0.58533-0.46059l0.14634-0.37423z"/>
+   </g>
+  </g>
+ </g>
+</svg>