So I've been working with socket.io and NodeJS quite some time now, but I've never tried to use socket.io over an secured socket layer.
Recently I've been trying to get this to work with a valid certificate. However, everytime I try to connect to the socket.io server, the following error message appears in the chrome console;
XMLHttpRequest cannot load domain:12457/socket.io/1/?t=1403871407291. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'domain' is therefore not allowed access.
As far as I can see, the domain has to be in the Access-Control-Allow-Origin header. I've added that specific header to the HTTPS server using the following code;
var https = require ('https');
var fs = require ('fs');
var options = {
key: fs.readFileSync('./cert/private.key'),
cert: fs.readFileSync('./cert/certificate.crt'),
//requestCert: true,
ca: [ fs.readFileSync('./cert/ca.pem'), fs.readFileSync('./cert/sub.class1.server.ca.pem') ]
};
var server = https.createServer (options, function (req, res) {
res.setHeader("Access-Control-Allow-Origin", "domain");
res.writeHead (200);
res.end ("Nothing to see here :o");
});
var socketio = require ('socket.io').listen (server);
server.listen (12457);
When I run the server with the Access-Control-Allow-Origin added, I receive the same error. However, when I request the headers with a separate GET request, I receive the following:
HTTP/1.1 200 OK =>
Access-Control-Allow-Origin => domain
Date => Fri, 27 Jun 2014 12:18:45 GMT
Connection => close
Note that the Access-Control-Allow-Origin is set this time with the right domain.
I somehow got the feeling that the HTTPS server is setting the headers for the HTTPS server it self, but not for the socket.io server. I have no clue how to fix this problem what so ever, so my question is;
Does someone knows what I am doing wrong?
