wip
This commit is contained in:
Marcel Pociot
parent
c9b9d488ab
commit
c9a4b68728
|
|
@ -2,6 +2,11 @@
|
|||
|
||||
return [
|
||||
|
||||
'allowedOrigins' => [
|
||||
'127.0.0.1',
|
||||
'localhost',
|
||||
],
|
||||
|
||||
/*
|
||||
* Define the optional SSL context for your websocket connections.
|
||||
* You can see all available options at: http://php.net/manual/en/context.ssl.php
|
||||
|
|
|
|||
|
|
@ -0,0 +1,55 @@
|
|||
<?php
|
||||
|
||||
namespace BeyondCode\LaravelWebsockets\Server;
|
||||
|
||||
use Ratchet\ConnectionInterface;
|
||||
use Ratchet\Http\CloseResponseTrait;
|
||||
use Ratchet\Http\HttpServerInterface;
|
||||
use Ratchet\MessageComponentInterface;
|
||||
use Psr\Http\Message\RequestInterface;
|
||||
|
||||
class OriginCheck implements HttpServerInterface {
|
||||
|
||||
use CloseResponseTrait;
|
||||
|
||||
/** @var \Ratchet\MessageComponentInterface */
|
||||
protected $_component;
|
||||
|
||||
protected $allowedOrigins = [];
|
||||
|
||||
public function __construct(MessageComponentInterface $component, array $allowedOrigins = []) {
|
||||
$this->_component = $component;
|
||||
$this->allowedOrigins = $allowedOrigins;
|
||||
}
|
||||
|
||||
public function onOpen(ConnectionInterface $connection, RequestInterface $request = null) {
|
||||
|
||||
if ($request->hasHeader('Origin')) {
|
||||
$this->verifyOrigin($connection, $request);
|
||||
}
|
||||
|
||||
return $this->_component->onOpen($connection, $request);
|
||||
}
|
||||
|
||||
function onMessage(ConnectionInterface $from, $msg) {
|
||||
return $this->_component->onMessage($from, $msg);
|
||||
}
|
||||
|
||||
function onClose(ConnectionInterface $connection) {
|
||||
return $this->_component->onClose($connection);
|
||||
}
|
||||
|
||||
function onError(ConnectionInterface $connection, \Exception $e) {
|
||||
return $this->_component->onError($connection, $e);
|
||||
}
|
||||
|
||||
protected function verifyOrigin(ConnectionInterface $connection, RequestInterface $request)
|
||||
{
|
||||
$header = (string)$request->getHeader('Origin')[0];
|
||||
$origin = parse_url($header, PHP_URL_HOST) ?: $header;
|
||||
|
||||
if (! empty($this->allowedOrigins) && !in_array($origin, $this->allowedOrigins)) {
|
||||
return $this->close($connection, 403);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -74,7 +74,9 @@ class WebSocketServer
|
|||
|
||||
$router = new Router($urlMatcher);
|
||||
|
||||
$httpServer = new HttpServer($router);
|
||||
$app = new OriginCheck($router, config('websockets.allowedOrigins', []));
|
||||
|
||||
$httpServer = new HttpServer($app);
|
||||
|
||||
return new IoServer($httpServer, $socket, $this->loop);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue