/** * handle the WebSocket header reading * @param client WSclient_t * ptr to the client struct */ void WebSocketsClient::handleHeader(WSclient_t * client, String * headerLine) { headerLine->trim(); // remove \r if(headerLine->length() > 0) { DEBUG_WEBSOCKETS("[WS-Client][handleHeader] RX: %s\n", headerLine->c_str()); if(headerLine->startsWith("HTTP/1.")) { // "HTTP/1.1 101 Switching Protocols" client->cCode = headerLine->substring(9, headerLine->indexOf(' ', 9)).toInt(); } else if(headerLine->indexOf(':')) { String headerName = headerLine->substring(0, headerLine->indexOf(':')); String headerValue = headerLine->substring(headerLine->indexOf(':') + 2); if(headerName.equalsIgnoreCase("Connection")) { if(headerValue.equalsIgnoreCase("upgrade")) { client->cIsUpgrade = true; } } else if(headerName.equalsIgnoreCase("Upgrade")) { if(headerValue.equalsIgnoreCase("websocket")) { client->cIsWebsocket = true; } } else if(headerName.equalsIgnoreCase("Sec-WebSocket-Accept")) { client->cAccept = headerValue; client->cAccept.trim(); // see rfc6455 } else if(headerName.equalsIgnoreCase("Sec-WebSocket-Protocol")) { client->cProtocol = headerValue; } else if(headerName.equalsIgnoreCase("Sec-WebSocket-Extensions")) { client->cExtensions = headerValue; } else if(headerName.equalsIgnoreCase("Sec-WebSocket-Version")) { client->cVersion = headerValue.toInt(); } } else { DEBUG_WEBSOCKETS("[WS-Client][handleHeader] Header error (%s)\n", headerLine->c_str()); } (*headerLine) = ""; #if (WEBSOCKETS_NETWORK_TYPE == NETWORK_ESP8266_ASYNC) client->tcp->readStringUntil('\n', &(client->cHttpLine), std::bind(&WebSocketsClient::handleHeader, this, client, &(client->cHttpLine))); #endif } else { DEBUG_WEBSOCKETS("[WS-Client][handleHeader] Header read fin.\n"); DEBUG_WEBSOCKETS("[WS-Client][handleHeader] Client settings:\n"); DEBUG_WEBSOCKETS("[WS-Client][handleHeader] - cURL: %s\n", client->cUrl.c_str()); DEBUG_WEBSOCKETS("[WS-Client][handleHeader] - cKey: %s\n", client->cKey.c_str()); DEBUG_WEBSOCKETS("[WS-Client][handleHeader] Server header:\n"); DEBUG_WEBSOCKETS("[WS-Client][handleHeader] - cCode: %d\n", client->cCode); DEBUG_WEBSOCKETS("[WS-Client][handleHeader] - cIsUpgrade: %d\n", client->cIsUpgrade); DEBUG_WEBSOCKETS("[WS-Client][handleHeader] - cIsWebsocket: %d\n", client->cIsWebsocket); DEBUG_WEBSOCKETS("[WS-Client][handleHeader] - cAccept: %s\n", client->cAccept.c_str()); DEBUG_WEBSOCKETS("[WS-Client][handleHeader] - cProtocol: %s\n", client->cProtocol.c_str()); DEBUG_WEBSOCKETS("[WS-Client][handleHeader] - cExtensions: %s\n", client->cExtensions.c_str()); DEBUG_WEBSOCKETS("[WS-Client][handleHeader] - cVersion: %d\n", client->cVersion); bool ok = (client->cIsUpgrade && client->cIsWebsocket); if(ok) { switch(client->cCode) { case 101: ///< Switching Protocols break; case 403: ///< Forbidden // todo handle login default: ///< Server dont unterstand requrst ok = false; DEBUG_WEBSOCKETS("[WS-Client][handleHeader] serverCode is not 101 (%d)\n", client->cCode); clientDisconnect(client); break; } } if(ok) { if(client->cAccept.length() == 0) { ok = false; } else { // generate Sec-WebSocket-Accept key for check String sKey = acceptKey(client->cKey); if(sKey != client->cAccept) { DEBUG_WEBSOCKETS("[WS-Client][handleHeader] Sec-WebSocket-Accept is wrong\n"); ok = false; } } } if(ok) { DEBUG_WEBSOCKETS("[WS-Client][handleHeader] Websocket connection init done.\n"); headerDone(client); runCbEvent(WStype_CONNECTED, (uint8_t *) client->cUrl.c_str(), client->cUrl.length()); } else { DEBUG_WEBSOCKETS("[WS-Client][handleHeader] no Websocket connection close.\n"); client->tcp->write("This is a webSocket client!"); clientDisconnect(client); } } }
/** * handle the WebSocket header reading * @param client WSclient_t * ptr to the client struct */ void WebSocketsServer::handleHeader(WSclient_t * client) { String headerLine = client->tcp.readStringUntil('\n'); headerLine.trim(); // remove \r if(headerLine.length() > 0) { DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] RX: %s\n", client->num, headerLine.c_str()); // websocket request starts allways with GET see rfc6455 if(headerLine.startsWith("GET ")) { // cut URL out client->cUrl = headerLine.substring(4, headerLine.indexOf(' ', 4)); } else if(headerLine.startsWith("Connection: ")) { // 12 = lenght of "Connection: " if(headerLine.indexOf("Upgrade", 12)) { client->cIsUpgrade = true; } } else if(headerLine.startsWith("Upgrade: ")) { // 9 = lenght of "Upgrade: " String low = headerLine.substring(9); low.toLowerCase(); if(low == "websocket") { client->cIsWebsocket = true; } } else if(headerLine.startsWith("Sec-WebSocket-Version: ")) { // 23 = lenght of "Sec-WebSocket-Version: " client->cVersion = headerLine.substring(23).toInt(); } else if(headerLine.startsWith("Sec-WebSocket-Key: ")) { // 19 = lenght of "Sec-WebSocket-Key: " client->cKey = headerLine.substring(19); client->cKey.trim(); // see rfc6455 } else if(headerLine.startsWith("Sec-WebSocket-Protocol: ")) { // 24 = lenght of "Sec-WebSocket-Protocol: " client->cProtocol = headerLine.substring(24); } else if(headerLine.startsWith("Sec-WebSocket-Extensions: ")) { // 26 = lenght of "Sec-WebSocket-Extensions: " client->cExtensions = headerLine.substring(26); } } else { DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] Header read fin.\n", client->num); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cURL: %s\n", client->num, client->cUrl.c_str()); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cIsUpgrade: %d\n", client->num, client->cIsUpgrade); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cIsWebsocket: %d\n", client->num, client->cIsWebsocket); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cKey: %s\n", client->num, client->cKey.c_str()); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cProtocol: %s\n", client->num, client->cProtocol.c_str()); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cExtensions: %s\n", client->num, client->cExtensions.c_str()); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cVersion: %d\n", client->num, client->cVersion); bool ok = (client->cIsUpgrade && client->cIsWebsocket); if(ok) { if(client->cUrl.length() == 0) { ok = false; } if(client->cKey.length() == 0) { ok = false; } if(client->cVersion != 13) { ok = false; } } if(ok) { DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] Websocket connection incomming.\n", client->num); // generate Sec-WebSocket-Accept key String sKey = acceptKey(client->cKey); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - sKey: %s\n", client->num, sKey.c_str()); client->status = WSC_CONNECTED; client->tcp.write("HTTP/1.1 101 Switching Protocols\r\n" "Server: arduino-WebSocketsServer\r\n" "Upgrade: websocket\r\n" "Connection: Upgrade\r\n" "Sec-WebSocket-Version: 13\r\n" "Sec-WebSocket-Accept: "); client->tcp.write(sKey.c_str(), sKey.length()); client->tcp.write("\r\n"); if(client->cProtocol.length() > 0) { // todo add api to set Protocol of Server client->tcp.write("Sec-WebSocket-Protocol: arduino\r\n"); } // header end client->tcp.write("\r\n"); // send ping WebSockets::sendFrame(client, WSop_ping); if(_cbEvent) { _cbEvent(client->num, WStype_CONNECTED, (uint8_t *) client->cUrl.c_str(), client->cUrl.length()); } } else { DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] no Websocket connection close.\n", client->num); client->tcp.write("HTTP/1.1 400 Bad Request\r\n" "Server: arduino-WebSocket-Server\r\n" "Content-Type: text/plain\r\n" "Content-Length: 32\r\n" "Connection: close\r\n" "Sec-WebSocket-Version: 13\r\n" "\r\n" "This is a Websocket server only!"); clientDisconnect(client); } } }
/** * handles http header reading for WebSocket upgrade * @param client WSclient_t * ///< pointer to the client struct * @param headerLine String ///< the header being read / processed */ void WebSocketsServer::handleHeader(WSclient_t * client, String * headerLine) { headerLine->trim(); // remove \r if(headerLine->length() > 0) { DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] RX: %s\n", client->num, headerLine->c_str()); // websocket requests always start with GET see rfc6455 if(headerLine->startsWith("GET ")) { // cut URL out client->cUrl = headerLine->substring(4, headerLine->indexOf(' ', 4)); //reset non-websocket http header validation state for this client client->cHttpHeadersValid = true; client->cMandatoryHeadersCount = 0; } else if(headerLine->indexOf(':')) { String headerName = headerLine->substring(0, headerLine->indexOf(':')); String headerValue = headerLine->substring(headerLine->indexOf(':') + 2); if(headerName.equalsIgnoreCase("Connection")) { headerValue.toLowerCase(); if(headerValue.indexOf("upgrade") >= 0) { client->cIsUpgrade = true; } } else if(headerName.equalsIgnoreCase("Upgrade")) { if(headerValue.equalsIgnoreCase("websocket")) { client->cIsWebsocket = true; } } else if(headerName.equalsIgnoreCase("Sec-WebSocket-Version")) { client->cVersion = headerValue.toInt(); } else if(headerName.equalsIgnoreCase("Sec-WebSocket-Key")) { client->cKey = headerValue; client->cKey.trim(); // see rfc6455 } else if(headerName.equalsIgnoreCase("Sec-WebSocket-Protocol")) { client->cProtocol = headerValue; } else if(headerName.equalsIgnoreCase("Sec-WebSocket-Extensions")) { client->cExtensions = headerValue; } else if(headerName.equalsIgnoreCase("Authorization")) { client->base64Authorization = headerValue; } else { client->cHttpHeadersValid &= execHttpHeaderValidation(headerName, headerValue); if (_mandatoryHttpHeaderCount > 0 && hasMandatoryHeader(headerName)) { client->cMandatoryHeadersCount++; } } } else { DEBUG_WEBSOCKETS("[WS-Client][handleHeader] Header error (%s)\n", headerLine->c_str()); } (*headerLine) = ""; #if (WEBSOCKETS_NETWORK_TYPE == NETWORK_ESP8266_ASYNC) client->tcp->readStringUntil('\n', &(client->cHttpLine), std::bind(&WebSocketsServer::handleHeader, this, client, &(client->cHttpLine))); #endif } else { DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] Header read fin.\n", client->num); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cURL: %s\n", client->num, client->cUrl.c_str()); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cIsUpgrade: %d\n", client->num, client->cIsUpgrade); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cIsWebsocket: %d\n", client->num, client->cIsWebsocket); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cKey: %s\n", client->num, client->cKey.c_str()); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cProtocol: %s\n", client->num, client->cProtocol.c_str()); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cExtensions: %s\n", client->num, client->cExtensions.c_str()); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cVersion: %d\n", client->num, client->cVersion); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - base64Authorization: %s\n", client->num, client->base64Authorization.c_str()); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cHttpHeadersValid: %d\n", client->num, client->cHttpHeadersValid); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - cMandatoryHeadersCount: %d\n", client->num, client->cMandatoryHeadersCount); bool ok = (client->cIsUpgrade && client->cIsWebsocket); if(ok) { if(client->cUrl.length() == 0) { ok = false; } if(client->cKey.length() == 0) { ok = false; } if(client->cVersion != 13) { ok = false; } if(!client->cHttpHeadersValid) { ok = false; } if (client->cMandatoryHeadersCount != _mandatoryHttpHeaderCount) { ok = false; } } if(_base64Authorization.length() > 0) { if(client->base64Authorization.length() > 0) { String auth = "Basic "; auth += _base64Authorization; if(auth != client->base64Authorization) { DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] HTTP Authorization failed!\n", client->num); handleAuthorizationFailed(client); return; } } else { ok = false; } } if(ok) { DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] Websocket connection incoming.\n", client->num); // generate Sec-WebSocket-Accept key String sKey = acceptKey(client->cKey); DEBUG_WEBSOCKETS("[WS-Server][%d][handleHeader] - sKey: %s\n", client->num, sKey.c_str()); client->status = WSC_CONNECTED; client->tcp->write("HTTP/1.1 101 Switching Protocols\r\n" "Server: arduino-WebSocketsServer\r\n" "Upgrade: websocket\r\n" "Connection: Upgrade\r\n" "Sec-WebSocket-Version: 13\r\n" "Sec-WebSocket-Accept: "); client->tcp->write(sKey.c_str(), sKey.length()); if(_origin.length() > 0) { String origin = "\r\nAccess-Control-Allow-Origin: "; origin += _origin; origin += "\r\n"; client->tcp->write(origin.c_str(), origin.length()); } if(client->cProtocol.length() > 0) { String protocol = "\r\nSec-WebSocket-Protocol: "; protocol += _protocol; protocol += "\r\n"; client->tcp->write(protocol.c_str(), protocol.length()); } else { client->tcp->write("\r\n"); } // header end client->tcp->write("\r\n"); headerDone(client); // send ping WebSockets::sendFrame(client, WSop_ping); runCbEvent(client->num, WStype_CONNECTED, (uint8_t *) client->cUrl.c_str(), client->cUrl.length()); } else { handleNonWebsocketConnection(client); } } }