From 7a610c2e85ec854fc9e060a699b4c730b0f2a5e4 Mon Sep 17 00:00:00 2001 From: Florian Eitel Date: Wed, 6 Nov 2019 00:50:01 +0100 Subject: [PATCH] fix(client): don't override protocol for socket connection to 127.0.0.1 Chrome and Firefox accept `http://`/`ws://` mixed-content connection to `127.0.0.1` even when the actual website is loaded via `https://`. Fixes #2302 --- client-src/default/utils/createSocketUrl.js | 1 + test/client/utils/__snapshots__/createSocketUrl.test.js.snap | 4 ++++ test/client/utils/createSocketUrl.test.js | 1 + 3 files changed, 6 insertions(+) diff --git a/client-src/default/utils/createSocketUrl.js b/client-src/default/utils/createSocketUrl.js index e55e6b4a4e..b14e6136cb 100644 --- a/client-src/default/utils/createSocketUrl.js +++ b/client-src/default/utils/createSocketUrl.js @@ -46,6 +46,7 @@ function createSocketUrl(resourceQuery) { // because the browser doesn't accept non-secure websockets. if ( hostname && + hostname !== '127.0.0.1' && (self.location.protocol === 'https:' || urlParts.hostname === '0.0.0.0') ) { protocol = self.location.protocol; diff --git a/test/client/utils/__snapshots__/createSocketUrl.test.js.snap b/test/client/utils/__snapshots__/createSocketUrl.test.js.snap index acf777a471..bc0ba1af21 100644 --- a/test/client/utils/__snapshots__/createSocketUrl.test.js.snap +++ b/test/client/utils/__snapshots__/createSocketUrl.test.js.snap @@ -4,6 +4,8 @@ exports[`createSocketUrl should return the url when __resourceQuery is ?test 1`] exports[`createSocketUrl should return the url when __resourceQuery is http://0.0.0.0 1`] = `"http://localhost/sockjs-node"`; +exports[`createSocketUrl should return the url when __resourceQuery is http://127.0.0.1 1`] = `"http://127.0.0.1/sockjs-node"`; + exports[`createSocketUrl should return the url when __resourceQuery is http://user:pass@[::]:8080 1`] = `"http://user:pass@localhost:8080/sockjs-node"`; exports[`createSocketUrl should return the url when __resourceQuery is http://user:password@localhost/ 1`] = `"http://user:password@localhost/sockjs-node"`; @@ -22,6 +24,8 @@ exports[`createSocketUrl should return the url when the current script source is exports[`createSocketUrl should return the url when the current script source is http://0.0.0.0 1`] = `"http://localhost/sockjs-node"`; +exports[`createSocketUrl should return the url when the current script source is http://127.0.0.1 1`] = `"http://127.0.0.1/sockjs-node"`; + exports[`createSocketUrl should return the url when the current script source is http://user:pass@[::]:8080 1`] = `"http://user:pass@localhost:8080/sockjs-node"`; exports[`createSocketUrl should return the url when the current script source is http://user:password@localhost/ 1`] = `"http://user:password@localhost/sockjs-node"`; diff --git a/test/client/utils/createSocketUrl.test.js b/test/client/utils/createSocketUrl.test.js index d39f7d21cc..32c3ec59a8 100644 --- a/test/client/utils/createSocketUrl.test.js +++ b/test/client/utils/createSocketUrl.test.js @@ -10,6 +10,7 @@ describe('createSocketUrl', () => { 'http://0.0.0.0', 'https://localhost:123', 'http://user:pass@[::]:8080', + 'http://127.0.0.1', // TODO: comment out after the major release // https://github.com/webpack/webpack-dev-server/pull/1954#issuecomment-498043376 // 'file://filename',