Uvicorn exposes a configuration option to enable reverse proxying from a trusted ip. This PR exposes it downstreams to end clients

whisperlivekit/basic_server.py

@@ -118,6 +118,8 @@ def main():
 
     if ssl_kwargs:
         uvicorn_kwargs = {**uvicorn_kwargs, **ssl_kwargs}
+    if args.forwarded_allow_ips:
+        uvicorn_kwargs = { **uvicorn_kwargs, "forwarded_allow_ips" : args.forwarded_allow_ips }
 
     uvicorn.run(**uvicorn_kwargs)
 

whisperlivekit/parse_args.py

@@ -175,6 +175,7 @@ def parse_args():
     )
     parser.add_argument("--ssl-certfile", type=str, help="Path to the SSL certificate file.", default=None)
     parser.add_argument("--ssl-keyfile", type=str, help="Path to the SSL private key file.", default=None)
+    parser.add_argument("--forwarded-allow-ips", type=str, help="Allowed ips for reverse proxying.", default=None)
     parser.add_argument(
         "--pcm-input",
         action="store_true",

whisperlivekit/web/live_transcription.js

@@ -178,14 +178,13 @@ function fmt1(x) {
 }
 
 let host, port, protocol;
-
+port = 8000;
 if (isExtension) {
     host = "localhost";
-    port = 8000;
     protocol = "ws";
 } else {
     host = window.location.hostname || "localhost";
-    port = window.location.port || 8000;
+    port = window.location.port;
     protocol = window.location.protocol === "https:" ? "wss" : "ws";
 }
 const defaultWebSocketUrl = `${protocol}://${host}${port ? ":" + port : ""}/asr`;