astrieanna
commented
11 years ago More details about handling things based on headers:
/version/ The |Sec-WebSocket-Version| header field in the client's handshake includes the version of the WebSocket Protocol with which the client is attempting to communicate. If this version does not match a version understood by the server, the server MUST abort the WebSocket handshake described in this section and instead send an appropriate HTTP error code (such as 426 Upgrade Required) and a |Sec-WebSocket-Version| header field indicating the version(s) the server is capable of understanding.
If they set Sec-WebSocket-Version to something other than 13,
then we send a 426 response with a Sec-WebSocket-Version header set to 13.
This versioning is clearly coupled to the websockets stuff, not the HTTP handling stuff, so the test should be implemented in the websockets.jl file. (So this issue is mostly just me taking notes on the RFC). I think this means that the HTTP handling stuff should call a predicate from the websockets file/module rather than having it's own iswebsocketshandshake function.
despeset
From the websockets RFC:
Currently, we look for an
Upgradeheader with the case-sensitive value "websocket".If some but not all of the websockets properties hold, we should response with an appropriate error. Just not identifying non-complying requests as websockets handshakes should work out ok, but if it has any of the headers with "websocket" in the name or value (but does not follow all four), then I think we should response with an error at that point.
The
Sec-Websocket-Keyproperty can be determined by counting the total number of characters and the number of=-signs at the end of the value. 16 = 22 + 2=. (Meaning you don't actually have to decode it to figure out whether the length property holds.)