From a76ca495d5ef6874a8f29e660700c2e10e3193af Mon Sep 17 00:00:00 2001
From: Michael Gorianskyi <goreanski@gmail.com>
Date: Wed, 1 Feb 2017 00:01:55 +0100
Subject: [PATCH] Added origin access control for socket.io

---
 .gitignore              | 1 +
 config/development.json | 1 +
 config/production.json  | 1 +
 sockets.js              | 2 ++
 4 files changed, 5 insertions(+)

diff --git a/.gitignore b/.gitignore
index 4176ef0f..b5f79b23 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 .DS_Store
 node_modules
 *.pem
+.idea
diff --git a/config/development.json b/config/development.json
index 0c79b8e3..44715976 100644
--- a/config/development.json
+++ b/config/development.json
@@ -12,6 +12,7 @@
     "/* maxClients */": "/* maximum number of clients per room. 0 = no limit */",
     "maxClients": 0
   },
+  "allowOrigin": "http://localhost:*",
   "stunservers": [
     {
       "url": "stun:stun.l.google.com:19302"
diff --git a/config/production.json b/config/production.json
index 69c9e4be..f63a1908 100644
--- a/config/production.json
+++ b/config/production.json
@@ -12,6 +12,7 @@
     "/* maxClients */": "/* maximum number of clients per room. 0 = no limit */",
     "maxClients": 0
   },
+  "allowOrigin": "http://localhost:*",
   "stunservers": [
     {
       "url": "stun:stun.l.google.com:19302"
diff --git a/sockets.js b/sockets.js
index dfb80050..51a162c5 100644
--- a/sockets.js
+++ b/sockets.js
@@ -5,6 +5,8 @@ var socketIO = require('socket.io'),
 module.exports = function (server, config) {
     var io = socketIO.listen(server);
 
+    io.set('origins', config.allowOrigin);
+
     io.sockets.on('connection', function (client) {
         client.resources = {
             screen: false,