From d078a89e833d5eb42ff677f1623dab76f8bf52f2 Mon Sep 17 00:00:00 2001 From: Andrey Goncharov Date: Fri, 19 May 2023 10:19:10 -0700 Subject: [PATCH] Skip token verification if a special env variable is passed Summary: Recently , we started verifying a special token for every websocket connection. It made e2e tests fail. We are going to use this bypass flag in jest e2e envs. Reviewed By: lblasa Differential Revision: D46025343 fbshipit-source-id: c2e6e0b561286fb8b571565243a45cdfb56a54a9 --- desktop/flipper-server-core/src/server/startServer.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/desktop/flipper-server-core/src/server/startServer.tsx b/desktop/flipper-server-core/src/server/startServer.tsx index eac980377..6911e249a 100644 --- a/desktop/flipper-server-core/src/server/startServer.tsx +++ b/desktop/flipper-server-core/src/server/startServer.tsx @@ -254,7 +254,7 @@ function addWebsocket(server: http.Server, config: Config) { // no origin header? The request is not originating from a browser, so should be OK to pass through // If origin matches our own address, it means we are serving the page. - return verifyAuthToken(req); + return process.env.SKIP_TOKEN_VERIFICATION ? true : verifyAuthToken(req); } else { // for now we don't allow cross origin request, so that an arbitrary website cannot try to // connect a socket to localhost:serverport, and try to use the all powerful Flipper APIs to read