search

socketry / async-websocket

Asynchronous WebSocket client and server, supporting HTTP/1 and HTTP/2 for Ruby.
MIT License
166 stars 18 forks source link

improve checks in `stream?` for http1 #58

Closed zarqman closed 11 months ago

zarqman commented 11 months ago

This PR tightens up the check in stream? for HTTP/1.1 requests by ensuring the sec-websocket-accept header was verified in addition to status == 101.

Before

Status not 101       : `stream?` => false
101 w/missing header : `stream?` => true
Bad header           : raises exception

After

Status not 101       : `stream?` => false
101 w/missing header : `stream?` => false
Bad header           : raises exception

Reference

RFC 6455, near the end of section 4.1, says that a WS connection must be failed if the header is missing or invalid (in point (4), at the bottom of page 19).

Types of Changes

Contribution

ioquatix commented 11 months ago

Thanks, this is a great addition.