📅 最后修改于: 2023-12-03 14:40:13.316000 🧑 作者: Mango
Socket.io is a library that enables real-time, bidirectional and event-based communication between the browser and server. It uses Web Sockets, Long Polling and other techniques to achieve this.
CORS stands for Cross-Origin Resource Sharing and it is a security feature implemented by web browsers to prevent a web page from making requests to a domain that is different from the one that served the page.
Socket.io version 2.x has built-in support for CORS and it can be configured to allow cross-origin requests by setting some options.
To enable CORS in your Socket.io v2 application, you need to add some options to the server-side configuration:
const io = require('socket.io')(server, {
cors: {
origin: "http://example.com",
methods: ["GET", "POST"]
}
});
In this example, we are allowing requests from the domain http://example.com using the HTTP methods GET and POST.
You can also use regular expressions to match multiple origins:
const io = require('socket.io')(server, {
cors: {
origin: /example\.com$/,
methods: ["GET", "POST"]
}
});
This will match any origin that ends with "example.com".
If you want to allow all origins, you can use the wildcard character:
const io = require('socket.io')(server, {
cors: {
origin: "*",
methods: ["GET", "POST"]
}
});
This is convenient for development, but it is risky in production environments since it allows any domain to make requests.
Socket.io v2 has built-in support for CORS, making it easy to configure cross-origin requests. By setting the right options on the server-side configuration, you can allow requests from specific domains or all domains. However, you should be careful when using the wildcard character since it could lead to security issues.