I have a simple PHP websocket server
Here is the full code : https://gist.github.com/hack4mer/e40094001d16c75fe5ae8347ebffccb7
while (true) {
$changed = $clients;
socket_select($changed, $null, $null, 0, 10);
//check for new socket
if (in_array($socket, $changed)) {
$socket_new = socket_accept($socket); //accpet new socket
$clients[] = $socket_new; //add socket to client array
//THIS DOES NOT WORK
print_r($_SERVER);
die();
}
In the browser's network tab, I can confirm the following request:
Request URL: ws://localhost:12345/
Provisional headers are shown
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,hi;q=0.8,ms;q=0.7
Cache-Control: no-cache
Connection: Upgrade
Host: localhost:12345
Origin: http://localhost
However am not able to access these request headers in my script.
My aim is to restrict access of the WebSocket to only few hosts
I solved this issue by doing the header checking before the handshaking.
Full code : https://gist.github.com/hack4mer/e40094001d16c75fe5ae8347ebffccb7