#730 bug(websockets): not properly checked request originv2.3.1-beta.3

#730 bug(websockets): not properly checked request origin
author: Valery Piashchynski <[email protected]> 2021-06-16 15:53:40 +0300
committer: GitHub <[email protected]> 2021-06-16 15:53:40 +0300
commit: 25e0841c6aa5e2686da5b9f74e3d77d3814ff592 (patch)
tree: 5b7c5259375d53b0685bf838555118d5ad93f149 /plugins/websockets/plugin.go
parent: 9dc98d43b0c0de3e1e1bd8fdc97c122c7c7c594f (diff)
parent: b1aa5d0ea3617710aec6476bdae956e16b946281 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/plugins/websockets/plugin.go b/plugins/websockets/plugin.go
index 6dfe6ca3..8b708187 100644
--- a/plugins/websockets/plugin.go
+++ b/plugins/websockets/plugin.go
@@ -82,6 +82,9 @@ func (p *Plugin) Init(cfg config.Configurer, log logger.Logger, server server.Se
 		HandshakeTimeout: time.Second * 60,
 		ReadBufferSize:   1024,
 		WriteBufferSize:  1024,
+		CheckOrigin: func(r *http.Request) bool {
+			return isOriginAllowed(r.Header.Get("Origin"), p.cfg)
+		},
 	}
 	p.serveExit = make(chan struct{})
 	p.server = server
author	Valery Piashchynski <[email protected]>	2021-06-16 15:53:40 +0300
committer	GitHub <[email protected]>	2021-06-16 15:53:40 +0300
commit	25e0841c6aa5e2686da5b9f74e3d77d3814ff592 (patch)
tree	5b7c5259375d53b0685bf838555118d5ad93f149 /plugins/websockets/plugin.go
parent	9dc98d43b0c0de3e1e1bd8fdc97c122c7c7c594f (diff)
parent	b1aa5d0ea3617710aec6476bdae956e16b946281 (diff)