how to set socket.io origins to restrict connections to one url

by

If you dig into Socket.io source code, you will find such lines:

var origin = request.headers.origin || request.headers.referer
  , origins = this.get('origins');

...

var parts = url.parse(origin);
parts.port = parts.port || 80;
var ok =
  ~origins.indexOf(parts.hostname + ':' + parts.port) ||
  ~origins.indexOf(parts.hostname + ':*') ||
  ~origins.indexOf('*:' + parts.port);

As you can see Socket.io takes origin (or referer) that came from the client, retrieves domain name and port,
and compares with the origins option you specified.

So the valid origins values are (* means “any”):

  • testsite.com:80
  • http://testsite.com:80
  • http://*:8080
  • *:8080
  • testsite.com:* http://someotherdomain.com:8080 (multiple origins separated by space)
  • testsite.com:*/somepath (socket.io will ignore /somepath)
  • *:*

And these are invalid (because no port number):

  • testsite.com
  • http://testsite.com
  • http://testsite.com/somepath

Also note that if you specify sub.testsite.com as origins value, the testsite.com will be valid origin.

More Related Contents:

  1. Send response to all clients except sender
  2. Send message to specific client with socket.io and node.js
  3. Using socket.io in Express 4 and express-generator’s /bin/www
  4. Scaling Socket.IO to multiple Node.js processes using cluster
  5. How can i export socket.io into other modules in nodejs?
  6. How to send a message to a particular client with socket.io
  7. getting how many people are in a chat room in socket.io [duplicate]
  8. socket.io.js not found
  9. Where is the Socket.IO client-side .js file located?
  10. Callback function example
  11. Creating Rooms in Socket.io
  12. Serial port not working?
  13. Socket.io + PhoneGap
  14. Good beginners tutorial to socket.io? [closed]
  15. node.js /socket.io/socket.io.js not found
  16. node.js TypeError: path must be absolute or specify root to res.sendFile [failed to parse JSON]
  17. Update all clients using Socket.io?
  18. Creating a private chat between a key using a node.js and socket.io
  19. WebSocket connection failed: Error during WebSocket handshake: Unexpected response code: 400
  20. socket.io, ‘Access-Control-Allow-Origin’ error
  21. Manage multiple tabs (but same user) in socket.io
  22. Socket.io – Manual reconnect after client-side disconnect
  23. Socket.io custom client ID
  24. Websocket API to replace REST API? [closed]
  25. how to use jQuery installed with npm in Express app?
  26. Connecting to remote SSH server (via Node.js/html5 console)
  27. Why I got document is not defined error in puppeteer?
  28. puppeteer wait for page/DOM updates – respond to new items that are added after initial loading
  29. JavaScript EventSource SSE not firing in browser
  30. Node JS fs module inside browser

Leave a Comment