diff --git a/changelog.d/phoenix-sec-websocket-headers.change b/changelog.d/phoenix-sec-websocket-headers.change
new file mode 100644
index 000000000..b3cb4ad3f
--- /dev/null
+++ b/changelog.d/phoenix-sec-websocket-headers.change
@@ -0,0 +1 @@
+Switch patched Phoenix 1.7.14 back to upstream with Phoenix 1.8.0+
diff --git a/lib/pleroma/web.ex b/lib/pleroma/web.ex
index e7e7e96f9..70e7f6458 100644
--- a/lib/pleroma/web.ex
+++ b/lib/pleroma/web.ex
@@ -30,7 +30,7 @@ defmodule Pleroma.Web do
 
   def controller do
     quote do
-      use Phoenix.Controller, namespace: Pleroma.Web
+      use Phoenix.Controller, formats: [json: "View", html: "View"]
 
       import Plug.Conn
 
@@ -42,7 +42,10 @@ defmodule Pleroma.Web do
       plug(:set_put_layout)
 
       defp set_put_layout(conn, _) do
-        put_layout(conn, Pleroma.Config.get(:app_layout, "app.html"))
+        case Pleroma.Config.get(:app_layout, "app.html") do
+          false -> put_layout(conn, false)
+          layout -> put_layout(conn, {Pleroma.Web.LayoutView, layout})
+        end
       end
 
       # Marks plugs intentionally skipped and blocks their execution if present in plugs chain
diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex
index a5c04a0c4..36e78e1e2 100644
--- a/lib/pleroma/web/endpoint.ex
+++ b/lib/pleroma/web/endpoint.ex
@@ -14,7 +14,7 @@ defmodule Pleroma.Web.Endpoint do
     websocket: [
       path: "/",
       compress: false,
-      connect_info: [:sec_websocket_protocol],
+      connect_info: [:sec_websocket_headers],
       error_handler: {Pleroma.Web.MastodonAPI.WebsocketHandler, :handle_error, []},
       fullsweep_after: 20
     ]
diff --git a/lib/pleroma/web/mastodon_api/websocket_handler.ex b/lib/pleroma/web/mastodon_api/websocket_handler.ex
index 3ed1cdd6c..2b698bd5d 100644
--- a/lib/pleroma/web/mastodon_api/websocket_handler.ex
+++ b/lib/pleroma/web/mastodon_api/websocket_handler.ex
@@ -245,12 +245,20 @@ defmodule Pleroma.Web.MastodonAPI.WebsocketHandler do
     Plug.Conn.send_resp(conn, 404, "Not Found")
   end
 
-  defp find_access_token(%{
-         connect_info: %{sec_websocket_protocol: [token]}
-       }),
-       do: token
+  defp find_access_token(%{connect_info: %{sec_websocket_headers: sec_headers}} = transport_info) do
+    find_sec_websocket_protocol(sec_headers) || find_access_token_from_params(transport_info)
+  end
 
-  defp find_access_token(%{params: %{"access_token" => token}}), do: token
+  defp find_access_token(transport_info), do: find_access_token_from_params(transport_info)
 
-  defp find_access_token(_), do: nil
+  defp find_sec_websocket_protocol(sec_headers) do
+    Enum.find_value(sec_headers, fn
+      {"sec-websocket-protocol", token} -> token
+      _ -> nil
+    end)
+  end
+
+  defp find_access_token_from_params(%{params: %{"access_token" => token}}), do: token
+
+  defp find_access_token_from_params(_), do: nil
 end
diff --git a/mix.exs b/mix.exs
index 44374f383..3d525b321 100644
--- a/mix.exs
+++ b/mix.exs
@@ -123,8 +123,7 @@ defmodule Pleroma.Mixfile do
   # Type `mix help deps` for examples and options.
   defp deps do
     [
-      {:phoenix,
-       git: "https://github.com/feld/phoenix", branch: "v1.7.14-websocket-headers", override: true},
+      {:phoenix, "~> 1.8.0"},
       {:phoenix_ecto, "~> 4.6"},
       {:ecto_sql, "~> 3.13"},
       {:ecto_enum, "~> 1.4"},
diff --git a/mix.lock b/mix.lock
index 81e16d4da..cde864084 100644
--- a/mix.lock
+++ b/mix.lock
@@ -102,7 +102,7 @@
   "open_api_spex": {:hex, :open_api_spex, "3.22.0", "fbf90dc82681dc042a4ee79853c8e989efbba73d9e87439085daf849bbf8bc20", [:mix], [{:decimal, "~> 1.0 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: true]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:plug, "~> 1.7", [hex: :plug, repo: "hexpm", optional: false]}, {:poison, "~> 3.0 or ~> 4.0 or ~> 5.0 or ~> 6.0", [hex: :poison, repo: "hexpm", optional: true]}, {:ymlr, "~> 2.0 or ~> 3.0 or ~> 4.0 or ~> 5.0", [hex: :ymlr, repo: "hexpm", optional: true]}], "hexpm", "dd751ddbdd709bb4a5313e9a24530da6e66594773c7242a0c2592cbd9f589063"},
   "parse_trans": {:hex, :parse_trans, "3.4.1", "6e6aa8167cb44cc8f39441d05193be6e6f4e7c2946cb2759f015f8c56b76e5ff", [:rebar3], [], "hexpm", "620a406ce75dada827b82e453c19cf06776be266f5a67cff34e1ef2cbb60e49a"},
   "pbkdf2_elixir": {:hex, :pbkdf2_elixir, "1.2.1", "9cbe354b58121075bd20eb83076900a3832324b7dd171a6895fab57b6bb2752c", [:mix], [{:comeonin, "~> 5.3", [hex: :comeonin, repo: "hexpm", optional: false]}], "hexpm", "d3b40a4a4630f0b442f19eca891fcfeeee4c40871936fed2f68e1c4faa30481f"},
-  "phoenix": {:git, "https://github.com/feld/phoenix", "fb6dc76c657422e49600896c64aab4253fceaef6", [branch: "v1.7.14-websocket-headers"]},
+  "phoenix": {:hex, :phoenix, "1.8.3", "49ac5e485083cb1495a905e47eb554277bdd9c65ccb4fc5100306b350151aa95", [:mix], [{:bandit, "~> 1.0", [hex: :bandit, repo: "hexpm", optional: true]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:phoenix_pubsub, "~> 2.1", [hex: :phoenix_pubsub, repo: "hexpm", optional: false]}, {:phoenix_template, "~> 1.0", [hex: :phoenix_template, repo: "hexpm", optional: false]}, {:phoenix_view, "~> 2.0", [hex: :phoenix_view, repo: "hexpm", optional: true]}, {:plug, "~> 1.14", [hex: :plug, repo: "hexpm", optional: false]}, {:plug_cowboy, "~> 2.7", [hex: :plug_cowboy, repo: "hexpm", optional: true]}, {:plug_crypto, "~> 1.2 or ~> 2.0", [hex: :plug_crypto, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}, {:websock_adapter, "~> 0.5.3", [hex: :websock_adapter, repo: "hexpm", optional: false]}], "hexpm", "36169f95cc2e155b78be93d9590acc3f462f1e5438db06e6248613f27c80caec"},
   "phoenix_ecto": {:hex, :phoenix_ecto, "4.6.5", "c4ef322acd15a574a8b1a08eff0ee0a85e73096b53ce1403b6563709f15e1cea", [:mix], [{:ecto, "~> 3.5", [hex: :ecto, repo: "hexpm", optional: false]}, {:phoenix_html, "~> 2.14.2 or ~> 3.0 or ~> 4.1", [hex: :phoenix_html, repo: "hexpm", optional: true]}, {:plug, "~> 1.9", [hex: :plug, repo: "hexpm", optional: false]}, {:postgrex, "~> 0.16 or ~> 1.0", [hex: :postgrex, repo: "hexpm", optional: true]}], "hexpm", "26ec3208eef407f31b748cadd044045c6fd485fbff168e35963d2f9dfff28d4b"},
   "phoenix_html": {:hex, :phoenix_html, "3.3.4", "42a09fc443bbc1da37e372a5c8e6755d046f22b9b11343bf885067357da21cb3", [:mix], [{:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: true]}], "hexpm", "0249d3abec3714aff3415e7ee3d9786cb325be3151e6c4b3021502c585bf53fb"},
   "phoenix_live_dashboard": {:hex, :phoenix_live_dashboard, "0.8.7", "405880012cb4b706f26dd1c6349125bfc903fb9e44d1ea668adaf4e04d4884b7", [:mix], [{:ecto, "~> 3.6.2 or ~> 3.7", [hex: :ecto, repo: "hexpm", optional: true]}, {:ecto_mysql_extras, "~> 0.5", [hex: :ecto_mysql_extras, repo: "hexpm", optional: true]}, {:ecto_psql_extras, "~> 0.7", [hex: :ecto_psql_extras, repo: "hexpm", optional: true]}, {:ecto_sqlite3_extras, "~> 1.1.7 or ~> 1.2.0", [hex: :ecto_sqlite3_extras, repo: "hexpm", optional: true]}, {:mime, "~> 1.6 or ~> 2.0", [hex: :mime, repo: "hexpm", optional: false]}, {:phoenix_live_view, "~> 0.19 or ~> 1.0", [hex: :phoenix_live_view, repo: "hexpm", optional: false]}, {:telemetry_metrics, "~> 0.6 or ~> 1.0", [hex: :telemetry_metrics, repo: "hexpm", optional: false]}], "hexpm", "3a8625cab39ec261d48a13b7468dc619c0ede099601b084e343968309bd4d7d7"},
diff --git a/test/pleroma/integration/mastodon_websocket_test.exs b/test/pleroma/integration/mastodon_websocket_test.exs
index 47f6f5f76..078bb643c 100644
--- a/test/pleroma/integration/mastodon_websocket_test.exs
+++ b/test/pleroma/integration/mastodon_websocket_test.exs
@@ -279,6 +279,26 @@ defmodule Pleroma.Integration.MastodonWebsocketTest do
       end)
     end
 
+    test "prefers sec-websocket-protocol token over query access_token", %{
+      token: token,
+      user: user
+    } do
+      assert {:ok, state} =
+               Pleroma.Web.MastodonAPI.WebsocketHandler.connect(%{
+                 params: %{"stream" => "user", "access_token" => "invalid"},
+                 connect_info: %{
+                   sec_websocket_headers: [
+                     {"sec-websocket-version", "13"},
+                     {"sec-websocket-protocol", token.token}
+                   ]
+                 }
+               })
+
+      assert state.user.id == user.id
+      assert state.oauth_token.id == token.id
+      assert state.topics != []
+    end
+
     test "accepts valid token on client-sent event", %{token: token} do
       assert {:ok, pid} = start_socket()
 
diff --git a/test/pleroma/web/static_fe/static_fe_controller_test.exs b/test/pleroma/web/static_fe/static_fe_controller_test.exs
index 2fae83305..68ded6906 100644
--- a/test/pleroma/web/static_fe/static_fe_controller_test.exs
+++ b/test/pleroma/web/static_fe/static_fe_controller_test.exs
@@ -28,6 +28,15 @@ defmodule Pleroma.Web.StaticFE.StaticFEControllerTest do
       assert html_response(conn, 200) =~ user.nickname
     end
 
+    test "renders profile HTML inside the default app layout", %{conn: conn, user: user} do
+      conn = get(conn, "/users/#{user.nickname}")
+
+      html = html_response(conn, 200)
+      assert html =~ "<!DOCTYPE html>"
+      assert html =~ ~s(class="instance-header")
+      assert html =~ ~s(<link rel="stylesheet" href="/instance/static.css">)
+    end
+
     test "404 when user not found", %{conn: conn} do
       conn = get(conn, "/users/limpopo")