SockJS is a dependency we used to setup a websocket connection. However, with the upgrade to Spring 2, this dependency started misbehaving and Stomp gave us errors for that. It had something to do with CORS and giving the client the right CDN url for downloading SockJS. One option to fix the bug seemed to be to set CORS to allow all cross-site requests and set a static CDN url for downloading SockJS.
The fix to this has been to remove SockJS and replace it with native Websocket support from the browser. The changes to make this happen are small and only change stomp related code to use native support and tell spring not to use SockJS.