Closed FZambia closed 2 years ago
https://github.com/centrifugal/centrifuge-swift/blob/6c2a210a9814485a9ea9e37ca0535954e0c8dbad/Sources/SwiftCentrifuge/WebSocket.swift#L471-L476
This logic is not really obvious and Origin header does not make any sense in terms of security when sent from mobile device. And requires explicit allowed Origin configuration on server side.
https://github.com/centrifugal/centrifuge-swift/blob/6c2a210a9814485a9ea9e37ca0535954e0c8dbad/Sources/SwiftCentrifuge/WebSocket.swift#L471-L476
This logic is not really obvious and Origin header does not make any sense in terms of security when sent from mobile device. And requires explicit allowed Origin configuration on server side.