Skip to content

Update helmet Content Security Policy to allow websocket connections to sources other than the location where the frontend is hosted#513

Merged
Belchy06 merged 2 commits intoEpicGamesExt:masterfrom
Belchy06:temp
Feb 26, 2025
Merged

Update helmet Content Security Policy to allow websocket connections to sources other than the location where the frontend is hosted#513
Belchy06 merged 2 commits intoEpicGamesExt:masterfrom
Belchy06:temp

Conversation

@Belchy06
Copy link
Copy Markdown
Collaborator

@Belchy06 Belchy06 commented Feb 26, 2025

Relevant components:

  • Signalling server
  • Common library
  • Signalling library
  • Frontend library
  • Frontend UI library
  • Matchmaker
  • Platform scripts
  • SFU

Problem statement:

Due to web content security policies, websocket connections to locations other than the same location that the page is hosted from are disallowed. This means that if you were to use a frontend hosted in location X, and a signalling server in location Y, and connect to the frontend with http://LocationX?ss=LocationY, you won't be able to establish a connection.

Solution

Update the default content security policy used by helmet to allow websocket connections from different locations

@Belchy06
Update helmet Content Security Policy to allow websocket connections …
8457d48 
…to source other than the location where the frontend is hosted
@lukehb lukehb added auto-backport Used to specify we want a PR to auto backport to a branch, must be paired with auto-backport-to-UEX. auto-backport-to-UE5.5 labels Feb 26, 2025
@Belchy06 Belchy06 merged commit 42836ff into EpicGamesExt:master Feb 26, 2025
4 checks passed
github-actions bot pushed a commit that referenced this pull request Feb 26, 2025
@Belchy06
Update helmet Content Security Policy to allow websocket connections …
e122032 
…to sources other than the location where the frontend is hosted (#513)

* Update helmet Content Security Policy to allow websocket connections to source other than the location where the frontend is hosted

(cherry picked from commit 42836ff)
@github-actions github-actions bot mentioned this pull request Feb 26, 2025
Merged
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Feb 26, 2025

💚 All backports created successfully

Status Branch Result
UE5.5

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation and see the Github Action logs for details

mcottontensor added a commit that referenced this pull request Feb 28, 2025
@mcottontensor
Merge pull request #514 from EpicGamesExt/backport/UE5.5/pr-513
ea37517 
[UE5.5] Update helmet Content Security Policy to allow websocket connections to sources other than the location where the frontend is hosted (#513)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lukehb lukehb lukehb approved these changes

Assignees

No one assigned

Labels

auto-backport Used to specify we want a PR to auto backport to a branch, must be paired with auto-backport-to-UEX. auto-backport-to-UE5.5

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Belchy06 @lukehb