Open SvizelPritula opened 1 month ago
nakedible-p
commented
1 month ago I will be happy to go through the details of the permessage-deflate spec – or rather even fix the bug myself, while some missing window bits support. However, the bug is extremely niche as these extension fields are very rarely used, so I'd prefer to try to get this merged and then do an improvement pull on top of that.
SvizelPritula
commented
3 weeks ago @kazk Would you be willing to relicense your PR under the MIT + Apache dual license as used by this crate?
If not, I believe we can use the code under MIT + Apache anyways, as long as we add a NOTICE file to the repo that looks a little bit like this:
This crate contains code copied from the headers crate, licensed as follows:
*Insert copy of headers license here.*Additionaly, we would probably have to add "Copyright (c) 2014-2023 Sean McArthur" to LICENSE-MIT, which is odd, given that no part of the code in this PR was actually written by Sean McArthur.
In #328, @kazk implemented support for the
permessage-deflateextention. Implementing this extention required the ability to parse theSec-Websocket-Extentionsheader, so @kazk submitted a pull request to theheaderscrate. However, the maintainers of theheaderscrate don't wan't to support this header yet, as they don't wan't to commit to any particular API. As such, they suggested that it should be implemented in this or some other crate, tweaked as necessary and potentially moved into theheaderscrate in the future.This PR reverts the commit that reverted @kazk's commit that added
permessage-deflatesupport. It also copies his implementation ofSecWebsocketExtentionsintended for theheaderscrate.The implementation of
SecWebsocketExtentionsrelied on some internal utilities of theheaderscrate. I've removed some of those dependencies and re-implemented others. I have also gated the implementation behind the existinghandshakefeature, as well as any code that relies on it, since it relies on theheaderscrate, which in turn relies on many other HTTP crates.Blocking issues
headerscrate is licensed under the MIT license, while this crate uses a dual MIT+Apache license. We would need to add a proper license notice, or @kazk would need to consent to the re-licensing of his PR.Unresolved questions
deflatefeature without havingtungstenitehandle the Websocket handshake. There is aWebSocket::from_raw_socket_with_extensionsmethod to allow for exactly that, but it takes anExtensionsstruct, which has no public constructor.WebSocketConfig::accept_offersmethod, which implements the server part of extension negotiation and requires thehandshakefeature. This method is intended to allow fortungsteniteto be integrated into web frameworks. No similar public method exists for clients, although that might not be a big issue, since a client knows whether a request will be a Websocket request up front.WebSocketConfig::accept_offersfeels out of place on theWebSocketConfig. We could make it a standalone function, perhaps in theextensionsmodule.SecWebsocketExtentionsimplementation public. This is necessary to make theWebSocketConfig::accept_offersmethod usable. This does mean that ifSecWebsocketExtentionswere to be added toheadersin the future, switching to that implementation would (I think) be a breaking change. An alternative would be to haveWebSocketConfig::accept_offerstake and return aHeaderValue, which it would parse itself. This would allow us to makeSecWebsocketExtentionsa private implementation detail.WebSocketConfigand a new variant was added to theErrorenum. Since this field and variant depends on thedeflatefeature, I've annotated both with#[non_exhaustive]. I've done the same toProtocolError, which currently has variants gated behindhandshake. This sadly means that you cannot createWebSocketConfigusing the initializer syntax, instead you have to create an instance withWebSocketConfig::defaultand mutate it afterward. Sadly, I see no way to avoid this. It would be possible to disable#[non_exhaustive]if all relevant features are enabled.