How can I override the Origin header in Chrome when connected to a WebSocket?

I am trying to connect to an external WebSocket server that is not run by me. I would like to connect to it from a JavaScript localhost file, so the source header is null.

I understand that this is a measure against counterfeiting under the site. However, since I'm on a local host, I have to fake this by getting Chrome to send a custom Origin header.

Is it possible? (if I need an extension, that's fine)

If not, what is my best option to achieve the above? Thanks.

+5
4 answers

Web pages cannot change the Origin header, but extensions can change request headers using the chrome.webRequest API. But ws:// and wss:// are not supported by this API, so this will not help if the server also does not support other means of communication via http(s) (for example, a long poll).

There is still a solution: just load a (known) web page at the right origin in an iframe (e.g. https://example.com/favicon.ico or https://example.com/robots.txt) and use the contents of the script to open the WebSocket.

+7

The Origin header is one of the headers that are automatically set by the user agent (as part of the browser implementation) and cannot be changed programmatically or through extensions. This makes sense because web service providers cannot allow random connections to localhosts.

You can only connect to an external WebSocket if you are doing this from a host explicitly accepted by the web service provider. Many headers cannot be trusted (because they can be overridden), but this does not apply to Origin, since it provides security not only for users, but also for service providers from unwanted connections.

+1

As far as I know, this will not be possible; this will break the guards against CSRF in Chrome.

If you could do this, the whole concept of XHR would fall apart.

Here is an extension that you can use to control the header on the fly, but so far I have not been able to get it to manipulate the socket.

Have a look here if you want to know more about it.

But this does not stop you from implementing your own client (instead of Chrome), where you can literally send any headers you want. Not sure if this will help you, sorry.

0

It depends on how you want to use the Chrome browser. Since you mention localhost, I assume that you are developing and will use this for some kind of scraping. I suggest you study the Chrome DevTools Protocol, which will render almost no protection useless, because you are using a real browser. CORS, Origin, Cookie, or any arbitrary header value will be under your control, and you can send your own header for xhr / websocket requests. If you want to manipulate in a more advanced way, you can use Network.continueInterceptedRequest. You might want to start Chrome using options like "--disable-web-security, --disable-xss-auditor, --disable-client-side-phishing-detect, --allow-insecure-localhost"; more about such options at peter.sh. However, the last option requires a plugin to trick the original header, so I recommend the first option.

0
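
The server-side view of what the answers above describe, as an added example that is not part of the original thread: browsers set Origin themselves (a local file sends `null`), while a custom client can send any value, so a WebSocket server uses an exact-match Origin allow-list to protect browser users and still authenticates every connection. The allow-list entry, the `hasValidToken` flag and the policy itself are assumptions made for illustration.

```javascript
// Added example. ALLOWED_ORIGINS, hasValidToken and the policy are assumptions.
const ALLOWED_ORIGINS = new Set(["https://app.example.com"]);

// Return the canonical origin (scheme://host[:port]), or null when the value
// is the literal "null" (file:// pages, sandboxed frames) or is malformed.
function normalizeOrigin(value) {
  if (typeof value !== "string" || value === "" || value === "null") return null;
  try {
    const u = new URL(value);
    // A serialized origin carries no path, query, fragment or credentials.
    if (u.pathname !== "/" || u.search || u.hash || u.username || u.password) return null;
    return u.origin === "null" ? null : u.origin; // host lower-cased, default port dropped
  } catch {
    return null;
  }
}

// headers: lower-cased header names, as Node's http module exposes them.
// hasValidToken: outcome of the server's own authentication (done elsewhere).
function checkUpgrade(headers, hasValidToken) {
  if ((headers["upgrade"] || "").toLowerCase() !== "websocket") {
    return { accept: false, reason: "not-a-websocket-upgrade" };
  }
  const raw = headers["origin"];
  if (raw !== undefined) {
    // A browser page is asking: compare exactly, never by prefix or substring.
    const origin = normalizeOrigin(raw);
    if (origin === null || !ALLOWED_ORIGINS.has(origin)) {
      return { accept: false, reason: "origin-not-allowed" };
    }
  }
  // Origin is not authentication: a non-browser client chooses its own headers.
  if (!hasValidToken) return { accept: false, reason: "no-valid-token" };
  return { accept: true, reason: raw === undefined ? "non-browser-client" : "allowed-origin" };
}

// Constructed sample handshakes: [headers, hasValidToken].
const samples = [
  [{ upgrade: "websocket", origin: "https://app.example.com" }, true],
  [{ upgrade: "websocket", origin: "null" }, true],
  [{ upgrade: "websocket", origin: "https://app.example.com.evil.test" }, true],
  [{ upgrade: "websocket" }, true],
  [{ upgrade: "websocket", origin: "https://app.example.com" }, false],
];
for (const [h, t] of samples) console.log(h.origin, "->", checkUpgrade(h, t).reason);
```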