I am trying to figure out how to add a header with an authorization token to a WebSocket connection, after it has been established. Basically, to use a cookie in order to validate each message in the connection.
There is a great discussion at HTTP headers in Websockets client API already, yet it did not really help me.
One of the the suggestions there was to do:
document.cookie = 'X-Authorization=' + token + '; path=/';
Unfortunately, it did not help me.
func handler(ws *websocket.Conn, h *Hub) {
go h.run()
h.addClientChan <- ws
for {
config := ws.Config()
fmt.Println("Headers length:", len(config.Header))
...
Shows a map with 0 elements before and after I add the cookie.
Is it possible to alter WebSocket connection headers, after the connection has been established?
Do I even need to add an authorization token to a WebSocket connection, provided I authenticate each time, or is it only useful to re-establish a connection and just a useless check after the fact?
Is it possible to alter WebSocket connection headers, after the connection has been established?
You can't set a cookie upon receipt of a WebSocket message. Once the WebSocket connection has been established, it's an open TCP socket and the protocol is no longer http, thus there is no built-in way to exchange cookies.
You can use authorizathion on the first http request, where both sides establish protocol for exchange data.