Link Search Menu Expand Document

Cross-Site WebSocket Hijacking in NodeJS

Socket.io

This library provides a method to define the list of allowed origins:

io.origins(['https://example.com:443']);

If this value isn’t set, any origin is allowed by default.