jens/flipper
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Skip token verification if a special env variable is passed

Browse Source 
Summary: Recently , we started verifying a special token for every websocket connection. It made e2e tests fail. We are going to use this bypass flag in jest e2e envs.

Reviewed By: lblasa

Differential Revision: D46025343

fbshipit-source-id: c2e6e0b561286fb8b571565243a45cdfb56a54a9
This commit is contained in:
Andrey Goncharov
2023-05-19 10:19:10 -07:00
committed by Facebook GitHub Bot
parent 4647f52a5b
commit d078a89e83
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
desktop/flipper-server-core/src/server/startServer.tsx
View File

@@ -254,7 +254,7 @@ function addWebsocket(server: http.Server, config: Config) {
// no origin header? The request is not originating from a browser, so should be OK to pass through // no origin header? The request is not originating from a browser, so should be OK to pass through
// If origin matches our own address, it means we are serving the page. // If origin matches our own address, it means we are serving the page.
return verifyAuthToken(req); return process.env.SKIP_TOKEN_VERIFICATION ? true : verifyAuthToken(req);
} else { } else {
// for now we don't allow cross origin request, so that an arbitrary website cannot try to // for now we don't allow cross origin request, so that an arbitrary website cannot try to
// connect a socket to localhost:serverport, and try to use the all powerful Flipper APIs to read // connect a socket to localhost:serverport, and try to use the all powerful Flipper APIs to read