7


I know this question has been asked a couple of times.
However, I can't get any those solutions to work.
I'm running a standard install of node.js and socket.io. (From yum on Amazon EC2)
The problem is that Chrome is falling back to xhr polling, and those requests require a working CORS configuration. However, I can't seem to get it to work. My web server is running on port 80, and node.js(socket.io) is running on port 81. I have tried to get socket.io to use a origin policy as you can see. I have also tried to use "* : *" as origin with no luck.
Here's my code:

var http = require('http');
var io = require('socket.io').listen(81, {origins: '*'});

io.configure( function(){
    io.set('origin', '*');
});
io.set("origins","*");

var server = http.createServer(function(req, res) {
    io.sockets.emit("message", "test");
res.writeHead(200);
    res.end('Hello Http');
    console.log("Message recieved!");
});
server.listen(82);

io.sockets.on('connection', function(client)  {
    console.log("New Connection");
});

Thank you very much!

Fredefl
  • 1,391
  • 2
  • 17
  • 33

1 Answers1

8

This is the syntax I had to use to get CORS working with socket.io:

io.set( 'origins', '*domain.com*:*' );

If it comes to it, use console.log to make sure you're entering this block of code in Manager.prototype.handleHandshake inside ./lib/manager.js:

 if (origin) {
    // https://developer.mozilla.org/En/HTTP_Access_Control
    headers['Access-Control-Allow-Origin'] = '*';

    if (req.headers.cookie) {
      headers['Access-Control-Allow-Credentials'] = 'true';
    }
  }
buley
  • 28,032
  • 17
  • 85
  • 106
  • It didn't wok... I'm currently looking at using sockjs instead. But thanks anyways! :D – Fredefl May 09 '12 at 20:56
  • 1
    But since it does work for you, and I think that my install and configuration was wrong, I accept your answer. – Fredefl May 16 '12 at 16:21
  • Thanks. I still wouldn't mind debugging with you if you're up for it. Would need to see the HTTP headers. – buley May 16 '12 at 22:42
  • I've looked at the HTTP headers numerous times, and the CORS headers aren't there. But I'm now using sockjs and it is working like a charm. Thanks a lot! – Fredefl May 18 '12 at 09:48
  • 6
    I would recommend changing from '\*domain.com*:*' to 'http://domain.com:*' to make it more safe. Otherwise you could connect from domains such as "domain.com.example.com", "anotherdomain.com", etc. – niaher Jul 29 '12 at 16:25
  • FYI, `io.set()` is old (before 1.x). I think it now requires options to be padded when creating the server. – jfriend00 Mar 28 '16 at 20:14