commit | 873e67e4d598af0769fdf077ff074dfe82add46a | [log] [tgz] |
---|---|---|
author | Ran Benita <ran@unusedvar.com> | Thu Aug 20 13:43:18 2020 |
committer | GitHub <noreply@github.com> | Thu Aug 20 13:43:18 2020 |
tree | de4405e90b486c228059efa40e1bcafd10192824 | |
parent | b65e62901fc1c0d968042419e74789f6af455eb9 [diff] |
Fix how the client checks for presence of Upgrade: websocket, Connection: upgrade (#604) The values of the `Upgrade` and `Connection` response headers can contain multiple tokens, for example Connection: upgrade, keep-alive The WebSocket RFC describes the checking of these as follows: 2. If the response lacks an |Upgrade| header field or the |Upgrade| header field contains a value that is not an ASCII case- insensitive match for the value "websocket", the client MUST _Fail the WebSocket Connection_. 3. If the response lacks a |Connection| header field or the |Connection| header field doesn't contain a token that is an ASCII case-insensitive match for the value "Upgrade", the client MUST _Fail the WebSocket Connection_. It is careful to note "contains a value", "contains a token". Previously, the client would reject with "bad handshake" if the header doesn't contain exactly the value it looks for. Change the checks to use `tokenListContainsValue` instead, which is incidentally what the server is already doing for similar checks.
Gorilla WebSocket is a Go implementation of the WebSocket protocol.
The Gorilla WebSocket package provides a complete and tested implementation of the WebSocket protocol. The package API is stable.
go get github.com/gorilla/websocket
The Gorilla WebSocket package passes the server tests in the Autobahn Test Suite using the application in the examples/autobahn subdirectory.
Notes: