From 2bc4dd49bb0b175ce1848f1817f8d54c6c7721f6 Mon Sep 17 00:00:00 2001
From: Florian Eitel <feitel@indeedgeek.de>
Date: Wed, 6 Nov 2019 00:50:01 +0100
Subject: [PATCH] fix(client): don't override protocol for socket connection to
 127.0.0.1

Chrome and Firefox accept `http://`/`ws://` mixed-content connection to
`127.0.0.1` even when the actual website is loaded via `https://`.

Fixes #2302
---
 client-src/default/utils/createSocketUrl.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/client-src/default/utils/createSocketUrl.js b/client-src/default/utils/createSocketUrl.js
index b7bf6c944d..d91b16541b 100644
--- a/client-src/default/utils/createSocketUrl.js
+++ b/client-src/default/utils/createSocketUrl.js
@@ -50,6 +50,7 @@ function createSocketUrl(resourceQuery) {
   // because the browser doesn't accept non-secure websockets.
   if (
     hostname &&
+    hostname !== '127.0.0.1' &&
     (self.location.protocol === 'https:' || urlParts.hostname === '0.0.0.0')
   ) {
     protocol = self.location.protocol;