Added option to bypass websocket origin check on rule creation

reverseproxy.go

@@ -215,6 +215,13 @@ func ReverseProxyHandleAddEndpoint(w http.ResponseWriter, r *http.Request) {
 
 	requireBasicAuth := (rba == "true")
 
+	// Bypass WebSocket Origin Check
+	strbpwsorg, _ := utils.PostPara(r, "bpwsorg")
+	if strbpwsorg == "" {
+		strbpwsorg = "false"
+	}
+	bypassWebsocketOriginCheck := (strbpwsorg == "true")
+
 	//Prase the basic auth to correct structure
 	cred, _ := utils.PostPara(r, "cred")
 	basicAuthCredentials := []*dynamicproxy.BasicAuthCredentials{}
@@ -256,9 +263,10 @@ func ReverseProxyHandleAddEndpoint(w http.ResponseWriter, r *http.Request) {
 			RootOrMatchingDomain: rootOrMatchingDomain,
 			Domain:               endpoint,
 			//TLS
-			RequireTLS:          useTLS,
-			BypassGlobalTLS:     useBypassGlobalTLS,
-			SkipCertValidations: skipTlsValidation,
+			RequireTLS:               useTLS,
+			BypassGlobalTLS:          useBypassGlobalTLS,
+			SkipCertValidations:      skipTlsValidation,
+			SkipWebSocketOriginCheck: bypassWebsocketOriginCheck,
 			//VDir
 			VirtualDirectories: []*dynamicproxy.VirtualDirectoryEndpoint{},
 			//Custom headers
@@ -305,12 +313,13 @@ func ReverseProxyHandleAddEndpoint(w http.ResponseWriter, r *http.Request) {
 
 		//Write the root options to file
 		rootRoutingEndpoint := dynamicproxy.ProxyEndpoint{
-			ProxyType:            dynamicproxy.ProxyType_Root,
-			RootOrMatchingDomain: "/",
-			Domain:               endpoint,
-			RequireTLS:           useTLS,
-			BypassGlobalTLS:      false,
-			SkipCertValidations:  false,
+			ProxyType:                dynamicproxy.ProxyType_Root,
+			RootOrMatchingDomain:     "/",
+			Domain:                   endpoint,
+			RequireTLS:               useTLS,
+			BypassGlobalTLS:          false,
+			SkipCertValidations:      false,
+			SkipWebSocketOriginCheck: true,
 
 			DefaultSiteOption: defaultSiteOption,
 			DefaultSiteValue:  dsVal,

web/components/rules.html

@@ -44,6 +44,12 @@
                                         <label>Ignore TLS/SSL Verification Error<br><small>For targets that is using self-signed, expired certificate (Not Recommended)</small></label>
                                     </div>
                                 </div>
+                                <div class="field">
+                                    <div class="ui checkbox">
+                                        <input type="checkbox" id="skipWebsocketOriginCheck" checked>
+                                        <label>Skip WebSocket Origin Check<br><small>Allow cross-origin websocket requests (Usually not a security concern)</small></label>
+                                    </div>
+                                </div>
                                 <div class="field">
                                     <div class="ui checkbox">
                                         <input type="checkbox" id="bypassGlobalTLS">
@@ -126,6 +132,7 @@
         var skipTLSValidation = $("#skipTLSValidation")[0].checked;
         var bypassGlobalTLS = $("#bypassGlobalTLS")[0].checked;
         var requireBasicAuth = $("#requireBasicAuth")[0].checked;
+        var skipWebSocketOriginCheck = $("#skipWebsocketOriginCheck")[0].checked;
 
         if (rootname.trim() == ""){
             $("#rootname").parent().addClass("error");
@@ -150,9 +157,11 @@
                 tls: useTLS, 
                 ep: proxyDomain,
                 tlsval: skipTLSValidation,
+                bpwsorg: skipWebSocketOriginCheck,
                 bypassGlobalTLS: bypassGlobalTLS,
                 bauth: requireBasicAuth,
                 cred: JSON.stringify(credentials),
+                
             },
             success: function(data){
                 if (data.error != undefined){