admin管理员组

文章数量:1328579

I use Helmet with Express to set quite some security HTTP headers from the server side. This is nicely done, when rendering client pages on top of the node.js app, using:

var app = express();
app.use(helmet());
..
res.render("pages/index", data);

All the resources on the index page will have the Helmet headers. Unfortunately, socket.io does its own header management. So, anything that es after /socket.io/ will have insecure/its own headers. For example here:

<https_path>/socket.io/socket.io.js
<https_path>/socket.io/?EIO=3&transport=polling&t=Lj4CFnj&sid=ILskOFWbHUaU6grTAAAA

Hence, I want to set custom headers for all socket.io items manually.

This is how I require socket.io (excerpt only):

/src/app.js

var express = require("express");
var sio = require("socket.io");
var app = express();
var io = require("./../lib/io.js").initialize(app.listen(REST_PORT, () => {
    logger.info("Application ready on port " + REST_PORT + " . Environment: " + NODE_ENV);
}));

/lib/io.js

exports = module.exports = {};
var sio = require("socket.io");
exports.initialize = function(server) {
    var options = {
        cookie: false,
        extraHeaders: {
        "X-Custom-Header-For-My-Project": "Custom stuff",
        }
    };
    io = sio(server, options);
    io.on("connection", function(socket) {
    // logic
)};

The "extraHeaders" option doesn´t work, I guess it could only with socket.io-client. I did large amount of googling around, but not luck on this.

Also looked around how to use socket.request (apparently it helps with headers, according to: here), but I couldn´t figure that out either.

Could you guys help?

I use Helmet with Express to set quite some security HTTP headers from the server side. This is nicely done, when rendering client pages on top of the node.js app, using:

var app = express();
app.use(helmet());
..
res.render("pages/index", data);

All the resources on the index page will have the Helmet headers. Unfortunately, socket.io does its own header management. So, anything that es after /socket.io/ will have insecure/its own headers. For example here:

<https_path>/socket.io/socket.io.js
<https_path>/socket.io/?EIO=3&transport=polling&t=Lj4CFnj&sid=ILskOFWbHUaU6grTAAAA

Hence, I want to set custom headers for all socket.io items manually.

This is how I require socket.io (excerpt only):

/src/app.js

var express = require("express");
var sio = require("socket.io");
var app = express();
var io = require("./../lib/io.js").initialize(app.listen(REST_PORT, () => {
    logger.info("Application ready on port " + REST_PORT + " . Environment: " + NODE_ENV);
}));

/lib/io.js

exports = module.exports = {};
var sio = require("socket.io");
exports.initialize = function(server) {
    var options = {
        cookie: false,
        extraHeaders: {
        "X-Custom-Header-For-My-Project": "Custom stuff",
        }
    };
    io = sio(server, options);
    io.on("connection", function(socket) {
    // logic
)};

The "extraHeaders" option doesn´t work, I guess it could only with socket.io-client. I did large amount of googling around, but not luck on this.

Also looked around how to use socket.request (apparently it helps with headers, according to: here), but I couldn´t figure that out either.

Could you guys help?

  • javascript
  • node.js
  • websocket
  • socket.io
  • engine.io
Share Improve this question edited Apr 6, 2017 at 19:10 flaesh asked Apr 6, 2017 at 17:17 flaeshflaesh 2621 gold badge5 silver badges17 bronze badges
Add a ment  | 

1 Answer 1

Reset to default 6

extraHeaders options will work as below, as you need to remove "transports: ['polling']," in case you are using, and use below pattern. This worked for me, and was able to send custom headers.

package used :- "socket.io-client": "^2.2.0",

this.socket = io(environment.host, {
   path: `/api/backend/socket.io`,
   origins: '*:*',
   // transports: ['polling'],
   transportOptions: {
     polling: {
        extraHeaders: {
           'authorization': token,
           'user-id' : userId
        }
     }
    }
 })

Ref:- https://socket.io/docs/client-api/#With-extraHeaders

本文标签: javascriptNodejsSocketioSet custom headers on the serverStack Overflow

版权声明:本文标题:javascript - Node.js + Socket.io | Set custom headers on the server - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742258660a2442101.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。