We have one html site and one node.js server which serves that website.The website and the server exchange data using socke.io.We found this in the documentation:origins defaults to *:* The origins that are allowed to connect to the Socket.IO server.Our html.site is on http://questionexample.com/page1 .Only this site may connect to our server.(But everyone may connect to that website.)How do we have to set the origins? 解决方案 If you dig into Socket.io source code, you will find such lines:var origin = request.headers.origin || request.headers.referer , origins = this.get('origins');...var parts = url.parse(origin);parts.port = parts.port || 80;var ok = ~origins.indexOf(parts.hostname + ':' + parts.port) || ~origins.indexOf(parts.hostname + ':*') || ~origins.indexOf('*:' + parts.port);As you can see Socket.io takes origin (or referer) that came from the client, retrieves domain name and port,and compares with the origins option you specified.So the valid origins values are (* means "any"):testsite.com:80http://testsite.com:80http://*:8080*:8080testsite.com:* http://someotherdomain.com:8080 (multiple origins separated by space)testsite.com:*/somepath (socket.io will ignore /somepath)*:*And these are invalid (because no port number):testsite.comhttp://testsite.comhttp://testsite.com/somepathAlso note that if you specify sub.testsite.com as origins value, the testsite.com will be valid origin. 这篇关于如何设置 socket.io origins 以限制连接到一个 url的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！