O'Reilly logo

Socket.IO Cookbook by Tyson Cadenhead

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Locking down the HTTP referrer

Socket.IO is really good at getting around cross-domain issues when you create a request from a client in a different domain than the domain your server lives on. You can easily include the Socket.IO script from a different domain on your page. It will work just as you may expect it to.

There are some instances where you may not want your Socket.IO events to be available to every other domain. Not to worry! We can easily whitelist only the http referrers that we want so that some domains will be allowed to connect and other domains won't.

How to do it…

To lock down the HTTP referrer and only allow events to whitelisted domains, follow these steps:

  1. Create two different servers that can connect to your Socket.IO instance. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required