Talon/chat_grid
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert "Enforce websocket origin allowlist with secure-mode config"

Browse Source 
This reverts commit cf30229b37.
This commit is contained in:
Jage9
2026-02-28 04:52:44 -05:00
parent cf30229b37
commit 027f04e58d
9 changed files with 1 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
server/README.md
View File

@@ -13,13 +13,10 @@ Key options:
- `server.bind_ip`, `server.port`
- `network.max_message_bytes`
- `network.allow_insecure_ws`
- `network.allowed_origins`
- `tls.cert_file`, `tls.key_file`
If `network.allow_insecure_ws = false`, TLS cert/key are required and server runs as `wss://`.
For local/dev without TLS, either set `network.allow_insecure_ws = true` or pass `--allow-insecure-ws`.
When insecure ws is disabled, `network.allowed_origins` must list your deployed `https://` origins.
When insecure ws is enabled and `network.allowed_origins` is empty, localhost dev origins are allowed automatically.
## Run