Skip to content

Change how WebSocket urls are generated #3344

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Andrew-Pohl wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Change how WebSocket urls are generated #3344

Andrew-Pohl wants to merge 1 commit into from

Conversation

@Andrew-Pohl
Copy link

@Andrew-Pohl Andrew-Pohl commented Jan 6, 2026
edited
Loading

Summary

Fix issues with websocket URL creation.

If endpoint had an unterminated path it would strip the last element in the path and replace it with ws, it would also downgrade wss to ws if user specifies the endpoint as wss://

Rationale

Fix bug were path was overwritten if not terminated with a / . We use a url format {protocol}://{subdomain}.{domain}.{TLD}/api={key} if this is not terminated with a / it will rewrite it too {protocol}://{subdomain}.{domain}.{TLD}/ws which results in a 403 as we can't authenticate.

Also if the uses passes a websocket address wss:// it will downgrade it to unsecure ws:// which is a potential vulnerability risk

How has this been tested?

  • Current tests cover my changes
  • Added new tests
  • Manually tested the code

@vercel
Copy link

vercel bot commented Jan 6, 2026

@Andrew-Pohl is attempting to deploy a commit to the Pyth Network Team on Vercel.

A member of the Team first needs to authorize it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Andrew-Pohl