From 79c0e8452f2730d0d1da9c54f8b56f2170f1fbe3 Mon Sep 17 00:00:00 2001
From: Charles Gould <charles@gould.dev>
Date: Tue, 7 Feb 2017 18:16:50 -0500
Subject: [PATCH] Disallow all origins for WebSocket requests

---
 server/src/main/java/lingo/server/WebSocketConfig.java | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/server/src/main/java/lingo/server/WebSocketConfig.java b/server/src/main/java/lingo/server/WebSocketConfig.java
index 90ab28c..c956c73 100644
--- a/server/src/main/java/lingo/server/WebSocketConfig.java
+++ b/server/src/main/java/lingo/server/WebSocketConfig.java
@@ -32,8 +32,7 @@ public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
 
 	@Override
 	public void registerStompEndpoints(StompEndpointRegistry registry) {
-		// Allow all origins: for JSFiddle, lol
-		registry.addEndpoint("/stomp").setAllowedOrigins("*").withSockJS();
+		registry.addEndpoint("/stomp").withSockJS();
 	}
 
 }