StevenWeathers
commented
5 months ago Looking at the Gorilla websocket library docs for the upgrader CheckOrigin function I think this would be fairly easy to implement.
Closed gwimmel closed 5 months ago
StevenWeathers
commented
5 months ago Looking at the Gorilla websocket library docs for the upgrader CheckOrigin function I think this would be fairly easy to implement.
gwimmel
commented
5 months ago Yes, shouldn't be very complicated. I could try and provide a PR, but it would probably clash with #532 ?
StevenWeathers
commented
5 months ago Yes, shouldn't be very complicated. I could try and provide a PR, but it would probably clash with #532 ?
Feel free to give it a shot, I'm not going to work on #532 right away as I have other things I'd like to get done before then unrelated to the websockets.
I'm evaluating a self-hosted instance of Thunderdome on Azure Container Apps routed via an Azure Application Gateway. This works if I set the APP_DOMAIN configuration correctly, only that the WebSocket origin check fails in this case, as without further configuration, the Host is set to the Container Apps Host and WebSocket Origin is set to the Host/Domain used on the Azure Application Gateway.
I'd suggest allowing the APP_DOMAIN in the origin check as well (but not sure if this would have any adverse side effects).