If a NULL origin is provided, the function will always put "http" first. This will lead to a forbidden connection if using an HTTPS connection and having origin = NULL, as I noticed having my websocket server sitting behind an NGINX server and using an HTTPS route. The sent origin will be "http://" + hostname and therefore invalid. I can create a connection to the server with other websocket client implementations when not having an origin field at all.
I wonder if it would be good to modify this function to either:
- eliminate the fallback filling of origin and enforce having a fitting string,
- enhance the fallback filling ("https" instead of "http" if port == 443, or test if the function was called by a function for a new TLS connection?), or
- add a function for completely removing the origin field from the notification that will be sent to the server?
Hello!
Function `__nopoll_conn_new_common` for connection creation in `nopoll_conn.c` fills `conn->origin` when NULL using:

```c
/* build origin */
if (origin == NULL)
	conn->origin = nopoll_strdup_printf ("http://%s", conn->host_name);
else
	conn->origin = nopoll_strdup (origin);
```
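One way the scheme-aware fallback proposed in the issue could look, as an added example that is not code from noPoll or from the original post. The function name `build_fallback_origin` and its `port` and `tls` parameters are hypothetical, and it uses only the C standard library.

```c
/* Added example (not noPoll code). build_fallback_origin(), port and tls
 * are hypothetical names; only the C standard library is used. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Returns a malloc'd Origin value, or NULL if none can be built (the
 * caller then sends no Origin header). tls is non-zero for TLS. */
char *build_fallback_origin (const char *origin, const char *host,
                             int port, int tls)
{
	const char *scheme = tls ? "https" : "http";
	int         default_port = tls ? 443 : 80;
	int         v6;
	size_t      len;
	char       *out;

	/* an explicit origin always wins over the fallback */
	if (origin != NULL) {
		out = malloc (strlen (origin) + 1);
		if (out != NULL)
			strcpy (out, origin);
		return out;
	}
	if (host == NULL || *host == '\0' || port < 1 || port > 65535)
		return NULL;

	/* a bare IPv6 literal must be bracketed inside an origin */
	v6 = (strchr (host, ':') != NULL && host[0] != '[');

	/* scheme + "://" + "[" host "]" + ":" + 5 port digits + NUL */
	len = strlen (scheme) + 3 + strlen (host) + 2 + 1 + 5 + 1;
	out = malloc (len);
	if (out == NULL)
		return NULL;
	if (port == default_port) /* default port is left out of an origin */
		snprintf (out, len, "%s://%s%s%s", scheme,
		          v6 ? "[" : "", host, v6 ? "]" : "");
	else
		snprintf (out, len, "%s://%s%s%s:%d", scheme,
		          v6 ? "[" : "", host, v6 ? "]" : "", port);
	return out;
}

int main (void)
{
	/* constructed sample input: TLS connection on the default port */
	char *o = build_fallback_origin (NULL, "example.test", 443, 1);
	printf ("%s\n", o ? o : "(no origin)");
	free (o);
	return 0;
}
```

Keying the scheme on how the connection was created, rather than on `port == 443` alone, also covers TLS listeners on non-standard ports.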