View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006276 | unreal | ircd | public | 2023-06-02 10:59 | 2023-06-25 15:41 |
| Reporter | rain | Assigned To | syzop | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | closed | Resolution | no change required | ||
| Product Version | 6.1.1-rc1 | ||||
| Summary | 0006276: Allow only from *@domains. | ||||
| Description | Hi, It would be nice to have control on websockets connections by allowing domains . Im asking this because some app like gamja or thelounge expose the real port of the websocket server and nobody can just sniff there with apps bots etc to bypass some restriction that i use. So by domain im 100 % that is my apps connecting in from my domains. Sorry my bag english. | ||||
| Tags | No tags attached. | ||||
| 3rd party modules | |||||
|
|
Hi there. WebSocket connections are connected from the client directly and not through a WEBIRC 'gateway/proxy' thing (where the connection will come from your server and spoof the client IP), so they don't actually come from your domains at all, they come directly from the users browser and no spoofing takes place. This means you can't limit WebSocket usage to your domains like how you might when using WEBIRC. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2023-06-02 10:59 | rain | New Issue | |
| 2023-06-02 14:25 | Valware | Note Added: 0022890 | |
| 2023-06-12 19:16 | syzop | Assigned To | => syzop |
| 2023-06-12 19:16 | syzop | Status | new => feedback |
| 2023-06-25 15:41 | syzop | Status | feedback => closed |
| 2023-06-25 15:41 | syzop | Resolution | open => no change required |
