chibenwa
commented
1 month ago Can we just open a small PR prior the sprint starts so that it don't remain unadressed too long?
Closed quantranhong1999 closed 1 month ago
chibenwa
commented
1 month ago Can we just open a small PR prior the sprint starts so that it don't remain unadressed too long?
quantranhong1999
commented
1 month ago
Why
@tddang-linagora tried to follow JMAP websocket specs cf https://www.rfc-editor.org/rfc/rfc8887.html#name-handshake.
He want to initiate the websocket connection and put in the first HTTP request the
Sec-WebSocket-Protocol: jmapheader and Postman returnError: Server sent no subprotocol.Likely Postman validated that there was no
Sec-WebSocket-Protocol: jmapheader in the response.From the specs:
Otherwise, the client MUST make an [authenticated HTTP request](https://www.rfc-editor.org/rfc/rfc8887.html#RFC7235) [[RFC7235](https://www.rfc-editor.org/rfc/rfc8887.html#RFC7235)] on the encrypted connection and MUST include the value "jmap" in the list of protocols for the "Sec-WebSocket-Protocol" header field. The reply from the server MUST also contain a corresponding "Sec-WebSocket-Protocol" header field with a value of "jmap" in order for a JMAP subprotocol connection to be established.The word
Otherwiseseems vague to me as it makes me have the impression that theSec-WebSocket-Protocolheader usage is just optional/fallback. However, it seems that the header is common and our server should support that header.How
James JMAP Websocket server should return the
Sec-WebSocket-Protocolresponse header upon HTTP authenticated request.And likely we should reject the request without the the
Sec-WebSocket-Protocolheader too.DoD
Tests.