Open export-mike opened 10 years ago
We'll review this. The issue is that the socket is not part of the core and we need to understand what it means to listen on the same port. best regards Lior
On Wed, Aug 13, 2014 at 11:22 PM, mikeljames notifications@github.com wrote:
Hey, I notice this socket io server runs on a different port to the main application. Are there plans to run the service under the same port? As to me it makes sense to operate within the cross-domain policy.
— Reply to this email directly or view it on GitHub https://github.com/linnovate/mean-socket/issues/2.
Lior Kesos - http://www.linnovate.net Linnovate - Community Infrastructure Care mail: lior@linnovate.net office: +972 722500881 cell: +972 524305252 skype: liorkesos
hi Lior,
I appreciate you taking the time to look at this and to understand the consequences.
keep up the great work with meanio!
kind regards.
mike
Want to reference my starter patch to accomplish this as well as secure socket.io when SSL is enabled. When I tried to patch mean-socket I got it running but I get closed connection for every poll. I couldn't sync the http[s].listen call so I still created a new one. But my cert is self signed for now I wonder if that is the issue I am having. The browser certainly doesn't trust it. But I can't find any more verbose output to confirm/deny. Either that or it is socket.io's fault. Any thoughts?
Mean-Socket Work(Just ignore the commits prior to today, different branch): https://github.com/ballenjr/mean-socket/commits/SSL
Prereq Starter Patch: https://github.com/linnovate/meanio/pull/19
I agree 100% about the cross domain hole btw.
@mikeljames @ballenjr Just a heads up, this issue is fixed in the latest. Try upgrading.
Exec - mean install socket On Nov 6, 2014 7:31 PM, "gulsharan" notifications@github.com wrote:
@mikeljames https://github.com/mikeljames @ballenjr https://github.com/ballenjr Just a heads up, this issue is fixed in the latest mean-socket package. Try upgrading.
— Reply to this email directly or view it on GitHub https://github.com/linnovate/mean-socket/issues/2#issuecomment-62017709.
Looks great guys! Sorry I missed it before. I was trying to figure out how to join in on your github lab. Is that invite only?
You should still take a look at my meanio patch though. I forced SSL when it is enabled and made the https node injectable. Which I still need for my sockets. We all need it to be secure when SSL is enabled. Also I noticed other examples provide a CA cert in there https options. Does that do much? I always thought that it was the browser that was responsible for resolving that. If it does help then shouldn't it be there in mean.js too? I don't remember if I included that in my patch or not.
If everyone wouldn't want SSL to be forced then it would be easy enough to make it a config option to force the redirect or not. But I am sure that alot of people would want the option at least, rather than either or, since it is pretty standard to do the redirect from 80 to 443.
Hey, I notice this socket io server runs on a different port to the main application. Are there plans to run the service under the same port? As to me it makes sense to operate within the cross-domain policy.