Skip to content

Commit

Permalink
added support for multiple allowed origins
Browse files Browse the repository at this point in the history
  • Loading branch information
@nhnb
nhnb committed Jun 12, 2023
1 parent 91754ae commit 42d42ce
Showing 1 changed file with 15 additions and 1 deletion.
16 changes: 15 additions & 1 deletion src/marauroa/server/net/web/WebSocketChannel.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ public void onOpen(Session session, EndpointConfig config) {
String origin = params.get("origin").get(0);
try {
String expectedOrigin = Configuration.getConfiguration().get("http_origin");
if ((expectedOrigin != null) && !expectedOrigin.equals(origin)) {
if (!validateOrigin(origin, expectedOrigin)) {
logger.warn("Expected origin " + expectedOrigin + " from client " + address + " but got " + origin);
close();
return;
Expand All @@ -85,6 +85,20 @@ public void onOpen(Session session, EndpointConfig config) {
}


private boolean validateOrigin(String origin, String expectedOrigin) {
if (expectedOrigin == null) {
return true;
}
String[] expectedOrigins = expectedOrigin.split(",");
for (String exp : expectedOrigins) {
if (exp.equals(origin)) {
return true;
}
}
return false;
}


@OnMessage
public void onWebSocketText(String message) {
String msg = DebugInterface.get().onMessage(useragent, message);
Expand Down

0 comments on commit 42d42ce

Please sign in to comment.