If the Origin HTTP header passed in the WebSocket handshake does
not match the host, this could indicate an attempt at a
cross-site attack. This commit adds a check to verify
the origin matches the host.
Change-Id: Ica6ec23d6f69a236657d5ba0c3f51b693c633649
Closes-Bug: 1409142