NeoAnd/evolution-api
1
0
Fork 0
mirror of https://github.com/EvolutionAPI/evolution-api.git synced 2025-12-18 19:32:21 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity

Customizable Websockets Security

Browse Source 
Enables the option to specify safe remote addresses using WEBSOCKET_ALLOWED_HOSTS enviroment variables. Defaults to the secure only localhost.
This commit is contained in:
moothz
2025-09-09 14:56:11 -03:00
parent c2085b59ea
commit 0aa6c96765
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/api/integrations/event/websocket/websocket.controller.ts
View File

@@ -31,11 +31,12 @@ export class WebsocketController extends EventController implements EventControl
const params = new URLSearchParams(url.search);
const { remoteAddress } = req.socket;
const isLocalhost =
remoteAddress === '127.0.0.1' || remoteAddress === '::1' || remoteAddress === '::ffff:127.0.0.1';
const isAllowedHost = (process.env.WEBSOCKET_ALLOWED_HOSTS || '127.0.0.1,::1,::ffff:127.0.0.1')
.split(',')
.map(h => h.trim())
.includes(remoteAddress);
// Permite conexões internas do Socket.IO (EIO=4 é o Engine.IO v4)
if (params.has('EIO') && isLocalhost) {
if (params.has('EIO') && isAllowedHost) {
return callback(null, true);
}