TsgcWebSocketLoadBalancerServer › Properties › SecurityOptions
Defines admission rules such as allowed origins for WebSocket handshakes that reach the load balancer.
property SecurityOptions: TsgcWSSecurity_Options read FSecurityOptions write SetSecurityOptions;OriginsAllowed="" (all origins allowed)
Use OriginsAllowed to lock down which browser origins the load balancer accepts WebSocket handshakes from. By default all origins are allowed; any non-empty value enables a whitelist and the load balancer closes connections whose Origin header does not match, before a backend is even selected. Patterns accept wildcards for the port (for example http://127.0.0.1:5555 or http://127.0.0.1:*). Separate multiple origins with commas. Setting OriginsAllowed to an empty string restores the permissive default.
oServer := TsgcWebSocketLoadBalancerServer.Create(nil);
oServer.SecurityOptions.OriginsAllowed := 'https://app.example.com';
oServer.Active := true;