prosody
f9edf26c66fc

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Changeset

11384:f9edf26c66fc

mod_websocket: Inherit security status from http request Allows requests considered secure becasue of a proxy header to carry over to the client session. mod_bosh does this too.
author Kim Alvefur <zash@zash.se>
date Thu, 18 Feb 2021 10:05:30 +0100
parents 11383:98b7ae7064b2
children 11385:c81b6b8c6b19
files plugins/mod_websocket.lua
diffstat 1 files changed, 1 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/plugins/mod_websocket.lua	Thu Feb 18 10:00:56 2021 +0100
+++ b/plugins/mod_websocket.lua	Thu Feb 18 10:05:30 2021 +0100
@@ -266,7 +266,7 @@
 	-- See mod_http and #540
 	session.ip = request.ip;
 
-	session.secure = consider_websocket_secure or session.secure;
+	session.secure = consider_websocket_secure or request.secure or session.secure;
 	session.websocket_request = request;
 
 	session.open_stream = session_open_stream;