Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-28 09:36:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: close #7002, console message if mismatched origins

Browse Source
This commit is contained in:
Peter Jaszkowiak
2018-11-28 20:23:42 -07:00
committed by Julian Lam
parent 43c3bb02e5
commit 89c025d102
3 changed files with 22 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
public/src/sockets.js
View File

@@ -150,4 +150,16 @@ app.isConnected = false;
}, },
}); });
} }
if (
config.socketioOrigins
&& config.socketioOrigins !== '*'
&& config.socketioOrigins.indexOf(location.hostname) === -1
) {
console.error(
'You are accessing the forum from an unknown origin. This will likely result in websockets failing to connect. \n'
+ 'To fix this, set the `"url"` value in `config.json` to the URL at which you access the site. \n'
+ 'For more information, see this FAQ topic: https://community.nodebb.org/topic/13388'
);
}
}()); }());

1
src/controllers/api.js
View File

@@ -40,6 +40,7 @@ apiController.loadConfig = function (req, callback) {
config.disableChatMessageEditing = meta.config.disableChatMessageEditing === 1; config.disableChatMessageEditing = meta.config.disableChatMessageEditing === 1;
config.maximumChatMessageLength = meta.config.maximumChatMessageLength || 1000; config.maximumChatMessageLength = meta.config.maximumChatMessageLength || 1000;
config.socketioTransports = nconf.get('socket.io:transports') || ['polling', 'websocket']; config.socketioTransports = nconf.get('socket.io:transports') || ['polling', 'websocket'];
config.socketioOrigins = nconf.get('socket.io:origins');
config.websocketAddress = nconf.get('socket.io:address') || ''; config.websocketAddress = nconf.get('socket.io:address') || '';
config.maxReconnectionAttempts = meta.config.maxReconnectionAttempts || 5; config.maxReconnectionAttempts = meta.config.maxReconnectionAttempts || 5;
config.reconnectionDelay = meta.config.reconnectionDelay || 1500; config.reconnectionDelay = meta.config.reconnectionDelay || 1500;

22
src/socket.io/index.js
View File

@@ -46,20 +46,16 @@ Sockets.init = function (server) {
* Can be overridden via config (socket.io:origins) * Can be overridden via config (socket.io:origins)
*/ */
if (process.env.NODE_ENV !== 'development') { if (process.env.NODE_ENV !== 'development') {
var domain = nconf.get('cookieDomain'); const parsedUrl = url.parse(nconf.get('url'));
var parsedUrl = url.parse(nconf.get('url'));
var override = nconf.get('socket.io:origins');
if (!domain) {
domain = parsedUrl.hostname; // cookies don't provide isolation by port: http://stackoverflow.com/a/16328399/122353
}
if (!override) { // cookies don't provide isolation by port: http://stackoverflow.com/a/16328399/122353
io.origins(parsedUrl.protocol + '//' + domain + ':*'); const domain = nconf.get('cookieDomain') || parsedUrl.hostname;
winston.info('[socket.io] Restricting access to origin: ' + parsedUrl.protocol + '//' + domain + ':*');
} else { const origins = nconf.get('socket.io:origins') || `${parsedUrl.protocol}//${domain}:*`;
io.origins(override); nconf.set('socket.io:origins', origins);
winston.info('[socket.io] Restricting access to origin: ' + override);
} io.origins(origins);
winston.info('[socket.io] Restricting access to origin: ' + origins);
} }
io.listen(server, { io.listen(server, {