ysysimon
commented
2 weeks ago Found the problem, in case someone is interested, it was because of my login filter. Tools like postman can use the first request for upgrading the websocket protocol to complete the authentication, but the websocket client in JavaScript in the browser does not support including custom information in the request header, so I moved the verification to the websocket information sending and receiving stage, and used the websocket context to mark the authenticated connection
Drogon's websocket cannot connect in the browser but can connect in postman. Is this related to the CSP response header?