Subdomains and phoenix LiveView

I’m working on a white label to provide a free hosting alternative to for elixir groups.

I got the domain and I want to be able to sign up accounts as subdomains.


This means that I must reconcile the subdomain dynamically and from an ecto repo.

Using a mesh up of custom plugs to route request to either a root router or a subdomain router
like seen in I later then in the mount of a LiveView look up the subdomain and render or return a 404 if the subdomain is not valid.

This is where things go south.

15:58:03.381 [error] Could not check origin for Phoenix.Socket transport.

Origin of the request:

This happens when you are attempting a socket connection to
a different host than the one configured in your config/
files. For example, in development the host is configured
to "localhost" but you may be trying to access it from
"". To fix this issue, you may either:

  1. update [url: [host: ...]] to your actual host in the
     config file for your current environment (recommended)

  2. pass the :check_origin option when configuring your
     endpoint or when configuring the transport in your
     UserSocket module, explicitly outlining which origins
     are allowed:

        check_origin: ["",
                       "//", "//"]

from the looks of this, there is only one way to dynamically set the check_origin though I’m not sure where that happens.

Also I thought I seen something about http2 requests over wss:// could be cross domain so long as its under the same wildcard SSL.


I think the correct place to check for the domain is in a custom plug at your router.ex or with a custom pipeline.


See what I mean in this examples for creating Specific Plugs.

1 Like


config :app, App.Endpoint,
  check_origin: {App.Origin, :check_origin, []}


defmodule App.Origin do
  @spec check_origin(URI.t()) :: boolean
  def check_origin(%URI{} = origin) do
    # Check origin (query db etc), return true/ false
    origin.authority in ["", ""]

Good to know your approach, but he needs to do it dynamically.

Yes, this is the way to go. App.Origin.check_origin/1 will be run for any new socket connection and can be used to compare the origin.authority against a db table or so.

1 Like

My bad, I just focus my attention in the hard-coded domains.

Thanks for the clarification.

1 Like

I don’t disagree that’s why I’m doing just that. The issue here is whether or not I can specify check_origin at run time or not.

1 Like

This is great thank you!

This might be interesting to you.