Skip to content

omit the origin header when connecting the websocket #98

New issue
New issue
Open
#101
Open
omit the origin header when connecting the websocket#98
#101
@sixcorners

Description

@sixcorners
sixcorners
opened on Feb 10, 2025

Setting remote-allow-origins sucks. If you set it to * I think that is very insecure. Selenium doesn't need this. The way to not have to set it is to not send the origin header.

// pass this to .connectToServer()
ClientEndpointConfig.Builder.create()
  .configurator(
      new ClientEndpointConfig.Configurator() {
        @Override
        public void beforeRequest(Map<String, List<String>> headers) {
          headers.remove("Origin");
        }
      })
  .build()

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions