Is is possible to add a request header to an RxJs Websocket?

Question

I'm looking to create a basic Websocket connection from my angular application to a server. Per RxJs documentation, the 'websocket' method is a wrapper around the WebSocket object provided by the browser:

import { Injectable } from '@angular/core';
import { webSocket } from 'rxjs/webSocket';

@Injectable({
  providedIn: 'root'
})

export class WebSocketService {

  connect(url: string) {
    return webSocket(url);
  }
}

While the examples are pretty straight forward, what I find surprising is the lack of documentation around a scenario where the the browser would need to send data as part of a request header (ie: an auth token) for the server to satisfy the request. Is this supported by JavaScript WebSockets?

I've seen a workaround where the websocket url would add the token as a query parameter (see image below), but that is a security vulnerability that should be avoided. Any suggestions or references would help!

take a look at this https://stackoverflow.com/questions/4361173/http-headers-in-websockets-client-api — Fan Cheung, Apr 22 '20 at 01:24

score 1 · Answer 1 · answered Jun 06 '23 at 10:08

1

No.

The underlying API does not support any additional parameters (other than URL and protocols).

For more detail check out this answer

One possible solution that is not explained in the linked answer is that you could set a cookie from the server in a prior request. That cookie should then be re-sent to the server when you open the WebSocket. For that to work, make sure to enable withCredentials in your HttpService

answered Jun 06 '23 at 10:08

Laurenz Honauer

254
1
12

I'm the lead author of RxJS, and this is the correct answer. The `WebSocket` API doesn't support it. – Ben Lesh Jun 07 '23 at 14:25

Is is possible to add a request header to an RxJs Websocket?

1 Answers1