This component helps secure your server from unwanted websites trying to connect users to your server. When a WebSocket connection from a browser is created it sends the website URL the user is on in an HTTP header. This component will automatically close connections if the browser is not from the site(s) you're expecting.
Note: This component is bundled within the App class. By default, in Ratchet\App, OriginCheck is configured to only accept requests from the same domain as is passed to App's __construct.
As found in the API Docs: Triggered events are propagated through a HttpServerInterface object passed to the __construct.
<?php // Your shell script use Ratchet\Http\OriginCheck; use Ratchet\Http\HttpServer; use Ratchet\Server\IoServer; $checkedApp = new OriginCheck(new MyHttpApp, array('localhost')); $checkedApp->allowedOrigins = 'mydomain.com'; $server = IoServer::factory(new HttpServer($checkedApp)); $server->run();