Paho mqtt中的SOP违规
[英]SOP violation in paho mqtt
问题描述
when I am trying to use Paho MQTT javacrript with Mosquito MQTT websockets, everything works as long as the web server that I am using to serve my page and Mosquito are in the same server (same origin). 
当我尝试将Paho MQTT javacrript与Mosquito MQTT websockets一起使用时,只要我用来为我的页面提供服务的Web服务器和Mosquito都在同一服务器上(相同的来源),一切都可以正常工作。 However, if I try to connect to a different Mosquito instance (cross domain), Firefox throws a security error. 但是,如果我尝试连接到其他Mosquito实例(跨域),则Firefox会引发安全错误。
Problem is that the Javascript client initiates a http connection to the Mosquito web socket server and it gets upgraded to ws:// as part of negotiation. 问题是Javascript客户端启动了与Mosquito Web套接字服务器的http连接,并且在协商过程中将其升级为ws://。 Had the initial request itself been over ws:// , SOP would not have kicked in. 如果最初的请求本身超过了ws://,那么SOP就不会生效。
I tried to connect to the second server from http://mitsuruog.github.io/what-mqtt/ and it works fine without SOP error. 我尝试从http://mitsuruog.github.io/what-mqtt/连接到第二台服务器,并且工作正常,没有SOP错误。 So, I know that the server can support ws:// . 因此,我知道服务器可以支持ws://。 How to get this done using the Paho implementation? 如何使用Paho实现来完成此工作?
Is there any way to work around this? 有什么办法可以解决此问题?
1 个解决方案
解决方案1
0 已采纳 2016-09-16 04:11:51
The issue is that I was trying to initiate an un-secure (ws:// instrad of wss://) while the page was itself loaded over https:// . 问题是,当页面本身通过https://加载时,我试图启动不安全(wss://的ws:// instrad)。 This results in a mixed content error that is not explicitly reported by Firefox. 这会导致混合内容错误,而Firefox没有明确报告。 Chrome prints a better warning and allows to temporarily bypass it as well. Chrome会打印出更好的警告,并允许暂时避开它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.