>

WebScket을 열 수있는이 Python 스크립트를 찾았습니다. 그러나 [W 1402720 14:44:35 web:1811] 403 GET / (192.168.0.102) 11.02 ms 경고가 표시됩니다.  실제 WebSocket을 열려고 할 때 (이전 WebSocket Terminal Chrome 플러그인 사용) Linux 터미널에서. "연결 열림", "연결 닫힘"및 "메시지 수신"메시지는 터미널 창에 인쇄되지 않습니다.

import tornado.httpserver
import tornado.ioloop
import tornado.options
import tornado.web
import tornado.websocket
class MyHandler(tornado.websocket.WebSocketHandler):
        def open(self):
                print "connection opened"
                self.write_message("connection opened")
        def on_close(self):
                print "connection closed"
        def on_message(self,message):
                print "Message received: {}".format(message)
                self.write_message("message received")
if __name__ == "__main__":
        tornado.options.parse_command_line()
        app = tornado.web.Application(handlers=[(r"/",MyHandler)])
        server = tornado.httpserver.HTTPServer(app)
        server.listen(8888)
        tornado.ioloop.IOLoop.instance().start()

  • 답변 # 1

    추가하십시오

    def check_origin(self, origin):
        return True
    
    

    MyHandler 클래스에서 이와 같이

    class MyHandler(tornado.websocket.WebSocketHandler):
        def check_origin(self, origin):
            return True
        def open(self):
            print "connection opened"
            self.write_message("connection opened")
        def on_close(self):
            print "connection closed"
        def on_message(self,message):
            print "Message received: {}".format(message)
            self.write_message("message received")
    
    

    DOC에서 :

    와이즈 비즈

    다시 :

    와이즈 비즈

    링크.

  • 답변 # 2

    @maxhawkdown의 솔루션을 약간 수정했습니다.

    By default, [check_origin] rejects all requests with an origin on a host other than this one.

    This is a security protection against cross site scripting attacks on browsers, since WebSockets are allowed to bypass the usual same-origin policies and don’t use CORS headers.

  • 답변 # 3

    안함

    This is an important security measure; don’t disable it without understanding the security implications. In particular, if your authentication is cookie-based, you must either restrict the origins allowed by check_origin() or implement your own XSRF-like protection for websocket connections. See these articles for more.

    를 설정   from tornado.util import PY3 if PY3: from urllib.parse import urlparse # py2 xrange = range else: from urlparse import urlparse # py3 class ChatHandler(tornado.websocket.WebSocketHandler): CORS_ORIGINS = ['localhost'] def check_origin(self, origin): parsed_origin = urlparse(origin) # parsed_origin.netloc.lower() gives localhost:3333 return parsed_origin.hostname in self.CORS_ORIGINS 에서  보안 위협이므로허용도메인 목록을 대신 사용하십시오.

    return True
    
    

    check_origin()

  • 이전 Firebase 클라우드 기능의 지오 파이어 쿼리
  • 다음 html - div 요소 안에 헤더와 스크롤 섹션을 갖는 방법