Multiple domains accessing phoenix - websocket returns forbidden

I am trying to allow my app to be accessible through multiple domains as we like to allow dashboards to be exported as PWAs on individual domains. Currently we have it working on subdomains like which brings up the correct dashboard and the websocket connection works.

We pointed now a CNAME record of the other domain live.other-domain to this subdomain above where we have a domain lookup like ( which loads the exported dashboards which works fine. The dashboard is loaded. However the web socket connection returns a 403 (forbidden) when trying to connect to the app.

We’ve now tried to disable origin check

 socket "/live", Phoenix.LiveView.Socket,
    websocket: [connect_info: [session: @session_options, check_origin: false]]

but it didn’t work.

1 Like

I’m not sure if you’re setting :check_origin option in the correct place.

If you want to disable it completely, I think you should do it on the top endpoint level like;

config :my_app, MyApp.Endpoint,
  check_origin: false

But you probably want to just give it a list of domains to check against:

config :my_app, MyApp.Endpoint,
  check_origin: ["//", "//"]

thanks @hubertlepicki

explicitly setting the domain in the top level did the trick!

1 Like

Thanks @hubertlepicki, your answer finished my endless search.

Just to help someone, don’t forget the comma at the end, like this:

config :my_app, MyApp.Endpoint,
  check_origin: ["//", "//"],  # <-  COMMA HERE
  url: [host: host, port: 443, scheme: "https"],
  http: [
      # Enable IPv6 and bind on all interfaces.
      # Set it to  {0, 0, 0, 0, 0, 0, 0, 1} for local network only access.
      # See the documentation on
      # for details about using IPv6 vs IPv4 and loopback vs public addresses.
      ip: {0, 0, 0, 0, 0, 0, 0, 0},
      port: port
    secret_key_base: secret_key_base

1 Like