I have a Node.js Socket.io v2.4 server that I want to restrict its access. I want only a particular chrome extension to be able to connect to it and nothing else. I noticed that traffic from Chrome Extension shows up as 127.0.0.1 as opposed to other traffic from localhost shows up as localhost. I know there are other ways like Interprocess Communication (IPC) that might be better than communication over websockets and http, but I can not use those at the moment.
Here are the pertinent parts of the node.js server code:
var express = require('express');
var path = require('path');
var app = express();
var server = require('http').createServer({
requestCert: false,
rejectUnauthorized: false
}, app);
var io = require('socket.io')(server);
var port = process.env.PORT || 3000;
//511 is backlog, which Specifies the max length of the queue of pending connections. Default 511
server.listen(port, '127.0.0.1', 511, function () {
console.log('[server] listening at port %d', port);
});
I thought this would only listen to requests from 127.0.0.1, but it seems to accept requests from any website loading in the browser.
Any help is most appreciated .. thank you
question from:
https://stackoverflow.com/questions/65945777/force-node-js-socket-io-2-4-to-listen-to-127-0-0-1 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
