As mentioned eg in the HTML5Rocks WebSockets tutorial ,
The server decides whether to make its service available to all clients or only those that reside on a set of well defined domains.
Ok, how to do that with the Java API for WebSocket 1.0 (JSR 356) (running on Tomcat )?
See ServerEndpointConfig.Configurator#checkOrigin
Once registered, checkOrigin method will be called with "Origin" http header value as a parameter and then you can return true if its ok, or false, which should result in HTTP 403 - Origin not verified.
(please ignore any references to project Tyrus in javadoc, API (javax.websocket.*) is the same for all implementations).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.