Mozilla WebSocket origin value

Hi friends. In my extension I’m using the JS WebSocket to communicate with the native application.
I want to make this communication safe, to allow connections only from the extensions, not from webpages - so I need to check the ‘Origin’ header.

At the moment of testing, If connection comes from my extension, I’m getting the Origin value “null”. Is that correct? Do I need to add more values to my Origin-whitelist to make sure, that connection from the extension will be always allowed and the other connections (for example, from web pages) will be rejected?

1 Like