Flexible origin-checking in octant for running behind a reverse proxy

[pivotal-mikegresham]

Describe the problem/challenge you have

We are running a hosted Octant websocket server behind a reverse proxy which routes based on hostname - this means that, by the time requests from a browser reach Octant, the Host has been rewritten by the proxy and no longer matches the Origin.

Describe the solution you'd like

Some way to inject a custom origin-checking function, to substitute for the hardcoded checkSameOrigin. Ideally this would take the form of a functional option to dash.NewRunner as that is the entrypoint we are using to run our Octant server.

Anything else you would like to add:

the Upgrader type from gorilla/websocket has a field for a CheckOrigin function -- this might be a good interface to follow. Actually it looks like Octant doesn't currently make use of that field but maybe it could, and allow it to be overridden via a functional option.

This is one of the thing blocking us from getting back to upstream Octant from our fork, so we'd like to see it in 0.21 or as soon as possible.

Environment:

• Octant version (use octant version): 0.19
• Kubernetes version (use kubectl version): 1.19+
• OS (macOS 10.15, Windows 10, Ubuntu 19.10 etc): k8s container on AWS

ref: tdc