Discovered this bug when testing browsers using the basic red5 chat demo. Was not able to connect using IE11 on Windows 7, but worked fine in IE11 on Windows 10 (and all other browsers on Mac and Windows). The request to connect was returning a 200 status and serving a webpage instead of upgrading the connection.
mondain
commented
5 years ago
Discovered this bug when testing browsers using the basic red5 chat demo. Was not able to connect using IE11 on Windows 7, but worked fine in IE11 on Windows 10 (and all other browsers on Mac and Windows). The request to connect was returning a 200 status and serving a webpage instead of upgrading the connection.
After doing some wireshark traces and comparing the headers between IE11 on Win7 and Win10, showing the same headers supplied, I dug into the code for the UpgradeUtil and found at this line: https://github.com/Red5/red5-plugins/blob/dc06cad97a86f053998c901182d04b87e8ad33d7/tomcat/src/main/java/org/red5/net/websocket/server/UpgradeUtil.java#L68 It is looking for the 'Upgrade' header with value of 'websocket' per the tomcat specs: https://tomcat.apache.org/tomcat-9.0-doc/api/constant-values.html#org.apache.tomcat.websocket.Constants.UPGRADE_HEADER_VALUE
The header in IE11 Win7 is sending a value that not all lower case ('Websocket' instead of 'websocket') causing it to not match up.
The solution would be to change this to a non case-sensitive check, per the specs: https://tools.ietf.org/html/rfc6455#section-4.2.1