Comment 19 for bug 1420273

Reviewed: https://review.fuel-infra.org/4382
Submitter: Vitaly Sedelnik <email address hidden>
Branch: openstack-ci/fuel-5.1-updates/2014.1.1

Commit: 12c7b428670db12c2d37dd1c16d9ba728639d6da
Author: Denis Meltsaykin <email address hidden>
Date: Mon Jun 29 12:41:33 2015

Websocket Proxy should verify Origin header

From: Dave McCowan <email address hidden>
Date: Wed, 25 Feb 2015 02:35:48 +0000 (-0500)
Subject: Websocket Proxy should verify Origin header

If the Origin HTTP header passed in the WebSocket handshake does
not match the host, this could indicate an attempt at a
cross-site attack. This commit adds a check to verify
the origin matches the host.

Change-Id: Ib576c9ab136d18d04f1f987ea5d06906d9ec921d
Closes-Bug: #1420273