Add workaround for Undertow WebSocket client sending illegal Origin

Undertow’s WebSocket client sends an illegal Origin header – it does not include the scheme, e.g. it’ll send “localhost” rather than “http://localhost”. This commit works around the problem by allowing access to the SockJS endpoints from any origin, thereby disabling OriginHandlerInterceptor’s checking of the Origin header.

Add workaround for Undertow WebSocket client sending illegal Origin
Undertow’s WebSocket client sends an illegal Origin header – it does not include the scheme, e.g. it’ll send “localhost” rather than “http://localhost”. This commit works around the problem by allowing access to the SockJS endpoints from any origin, thereby disabling OriginHandlerInterceptor’s checking of the Origin header.
17fd3d44 · Andy Wilkinson · 6253cc5d · 17fd3d44
Commit 17fd3d44 authored Feb 19, 2015 by Andy Wilkinson
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 2 deletions

SampleUndertowWebSocketsApplication.java ...amples/websocket/SampleUndertowWebSocketsApplication.java +4 -2

No files found.
--- a/spring-boot-samples/spring-boot-sample-websocket-undertow/src/main/java/samples/websocket/SampleUndertowWebSocketsApplication.java
+++ b/spring-boot-samples/spring-boot-sample-websocket-undertow/src/main/java/samples/websocket/SampleUndertowWebSocketsApplication.java
@@ -45,8 +45,10 @@ public class SampleUndertowWebSocketsApplication extends SpringBootServletInitia

 	@Override
 	public void registerWebSocketHandlers(WebSocketHandlerRegistry registry) {
-		registry.addHandler(echoWebSocketHandler(), "/echo").withSockJS();
-		registry.addHandler(snakeWebSocketHandler(), "/snake").withSockJS();
+		registry.addHandler(echoWebSocketHandler(), "/echo").setAllowedOrigins("*")
+				.withSockJS();
+		registry.addHandler(snakeWebSocketHandler(), "/snake").setAllowedOrigins("*")
+				.withSockJS();
 	}

 	@Override