aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2021-02-18 10:05:30 +0100
committerKim Alvefur <zash@zash.se>2021-02-18 10:05:30 +0100
commit231e87ab054addeb2433ecf6f87b54c641bd8865 (patch)
tree896224f103cef3ab73c4120ec8a3963b2eddc56f /plugins
parent362c228c47eb0b48b780d0844ac5321381e4f207 (diff)
downloadprosody-231e87ab054addeb2433ecf6f87b54c641bd8865.tar.gz
prosody-231e87ab054addeb2433ecf6f87b54c641bd8865.zip
mod_websocket: Inherit security status from http request
Allows requests considered secure becasue of a proxy header to carry over to the client session. mod_bosh does this too.
Diffstat (limited to 'plugins')
-rw-r--r--plugins/mod_websocket.lua2
1 files changed, 1 insertions, 1 deletions
diff --git a/plugins/mod_websocket.lua b/plugins/mod_websocket.lua
index 7a5f2d03..e70b907d 100644
--- a/plugins/mod_websocket.lua
+++ b/plugins/mod_websocket.lua
@@ -266,7 +266,7 @@ function handle_request(event)
-- See mod_http and #540
session.ip = request.ip;
- session.secure = consider_websocket_secure or session.secure;
+ session.secure = consider_websocket_secure or request.secure or session.secure;
session.websocket_request = request;
session.open_stream = session_open_stream;