[asterisk-commits] dlee: branch 12 r399039 - /branches/12/res/res_http_websocket.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Fri Sep 13 09:18:44 CDT 2013
Author: dlee
Date: Fri Sep 13 09:18:36 2013
New Revision: 399039
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=399039
Log:
ARI: Fix WebSocket response when subprotocol isn't specified
When I moved the ARI WebSocket from /ws to /ari/events, I added code to
allow a WebSocket to connect without specifying the subprotocol if
there's only one subprotocol handler registered for the WebSocket.
Naively, I coded it to always respond with the subprotocol in use.
Unfortunately, according to RFC 6455, if the server's response includes
a subprotocol header field that "indicates the use of a subprotocol that
was not present in the client's handshake [...], the client MUST _Fail
the WebSocket Connection_.", emphasis theirs.
This patch correctly omits the Sec-WebSocket-Protocol if one is not
specified by the client.
(closes issue ASTERISK-22441)
Review: https://reviewboard.asterisk.org/r/2828/
Modified:
branches/12/res/res_http_websocket.c
Modified: branches/12/res/res_http_websocket.c
URL: http://svnview.digium.com/svn/asterisk/branches/12/res/res_http_websocket.c?view=diff&rev=399039&r1=399038&r2=399039
==============================================================================
--- branches/12/res/res_http_websocket.c (original)
+++ branches/12/res/res_http_websocket.c Fri Sep 13 09:18:36 2013
@@ -645,11 +645,25 @@
fprintf(ser->f, "HTTP/1.1 101 Switching Protocols\r\n"
"Upgrade: %s\r\n"
"Connection: Upgrade\r\n"
- "Sec-WebSocket-Accept: %s\r\n"
- "Sec-WebSocket-Protocol: %s\r\n\r\n",
+ "Sec-WebSocket-Accept: %s\r\n",
upgrade,
- base64,
- protocol_handler->name);
+ base64);
+
+ /* RFC 6455, Section 4.1:
+ *
+ * 6. If the response includes a |Sec-WebSocket-Protocol| header
+ * field and this header field indicates the use of a
+ * subprotocol that was not present in the client's handshake
+ * (the server has indicated a subprotocol not requested by
+ * the client), the client MUST _Fail the WebSocket
+ * Connection_.
+ */
+ if (protocol) {
+ fprintf(ser->f, "Sec-WebSocket-Protocol: %s\r\n",
+ protocol);
+ }
+
+ fprintf(ser->f, "\r\n");
} else {
/* Specification defined in http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-75 or completely unknown */
More information about the asterisk-commits
mailing list