bool WebSocketHandshake::checkResponseHeaders()
{
const String& serverWebSocketLocation = this->serverWebSocketLocation();
const String& serverWebSocketOrigin = this->serverWebSocketOrigin();
const String& serverWebSocketProtocol = this->serverWebSocketProtocol();
const String& serverUpgrade = this->serverUpgrade();
const String& serverConnection = this->serverConnection();
if (serverUpgrade.isNull()) {
m_failureReason = "Error during WebSocket handshake: 'Upgrade' header is missing";
return false;
}
if (serverConnection.isNull()) {
m_failureReason = "Error during WebSocket handshake: 'Connection' header is missing";
return false;
}
if (serverWebSocketOrigin.isNull()) {
m_failureReason = "Error during WebSocket handshake: 'Sec-WebSocket-Origin' header is missing";
return false;
}
if (serverWebSocketLocation.isNull()) {
m_failureReason = "Error during WebSocket handshake: 'Sec-WebSocket-Location' header is missing";
return false;
}
if (!equalIgnoringCase(serverUpgrade, "websocket")) {
m_failureReason = "Error during WebSocket handshake: 'Upgrade' header value is not 'WebSocket'";
return false;
}
if (!equalIgnoringCase(serverConnection, "upgrade")) {
m_failureReason = "Error during WebSocket handshake: 'Connection' header value is not 'Upgrade'";
return false;
}
if (clientOrigin() != serverWebSocketOrigin) {
m_failureReason = "Error during WebSocket handshake: origin mismatch: " + clientOrigin() + " != " + serverWebSocketOrigin;
return false;
}
if (clientLocation() != serverWebSocketLocation) {
m_failureReason = "Error during WebSocket handshake: location mismatch: " + clientLocation() + " != " + serverWebSocketLocation;
return false;
}
if (!m_clientProtocol.isEmpty() && m_clientProtocol != serverWebSocketProtocol) {
m_failureReason = "Error during WebSocket handshake: protocol mismatch: " + m_clientProtocol + " != " + serverWebSocketProtocol;
return false;
}
return true;
}
PassRefPtr<WebSocketHandshakeRequest> WebSocketHandshake::clientHandshakeRequest() const
{
// Keep the following consistent with clientHandshakeMessage().
// FIXME: do we need to store m_secWebSocketKey1, m_secWebSocketKey2 and
// m_key3 in WebSocketHandshakeRequest?
RefPtr<WebSocketHandshakeRequest> request = WebSocketHandshakeRequest::create("GET", m_url);
request->addHeaderField("Upgrade", "websocket");
request->addHeaderField("Connection", "Upgrade");
request->addHeaderField("Host", hostName(m_url, m_secure));
request->addHeaderField("Origin", clientOrigin());
if (!m_clientProtocol.isEmpty())
request->addHeaderField("Sec-WebSocket-Protocol", m_clientProtocol);
KURL url = httpURLForAuthenticationAndCookies();
if (m_context->isDocument()) {
Document* document = static_cast<Document*>(m_context);
String cookie = cookieRequestHeaderFieldValue(document, url);
if (!cookie.isEmpty())
request->addHeaderField("Cookie", cookie);
// Set "Cookie2: <cookie>" if cookies 2 exists for url?
}
request->addHeaderField("Pragma", "no-cache");
request->addHeaderField("Cache-Control", "no-cache");
request->addHeaderField("Sec-WebSocket-Key", m_secWebSocketKey);
request->addHeaderField("Sec-WebSocket-Version", "13");
const String extensionValue = m_extensionDispatcher.createHeaderValue();
if (extensionValue.length())
request->addHeaderField("Sec-WebSocket-Extensions", extensionValue);
return request.release();
}
WebSocketHandshakeRequest WebSocketHandshake::clientHandshakeRequest() const
{
// Keep the following consistent with clientHandshakeMessage().
// FIXME: do we need to store m_secWebSocketKey1, m_secWebSocketKey2 and
// m_key3 in WebSocketHandshakeRequest?
WebSocketHandshakeRequest request("GET", m_url);
request.addHeaderField("Upgrade", "WebSocket");
request.addHeaderField("Connection", "Upgrade");
request.addHeaderField("Host", hostName(m_url, m_secure));
request.addHeaderField("Origin", clientOrigin());
if (!m_clientProtocol.isEmpty())
request.addHeaderField("Sec-WebSocket-Protocol:", m_clientProtocol);
KURL url = httpURLForAuthenticationAndCookies();
if (m_context->isDocument()) {
Document* document = static_cast<Document*>(m_context);
String cookie = cookieRequestHeaderFieldValue(document, url);
if (!cookie.isEmpty())
request.addHeaderField("Cookie", cookie);
// Set "Cookie2: <cookie>" if cookies 2 exists for url?
}
request.addHeaderField("Sec-WebSocket-Key1", m_secWebSocketKey1);
request.addHeaderField("Sec-WebSocket-Key2", m_secWebSocketKey2);
request.setKey3(m_key3);
return request;
}
ResourceRequest WebSocketHandshake::clientHandshakeRequest() const
{
// Keep the following consistent with clientHandshakeMessage().
ResourceRequest request(m_url);
request.setHTTPMethod("GET");
request.setHTTPHeaderField(HTTPHeaderName::Connection, "Upgrade");
request.setHTTPHeaderField(HTTPHeaderName::Host, hostName(m_url, m_secure));
request.setHTTPHeaderField(HTTPHeaderName::Origin, clientOrigin());
if (!m_clientProtocol.isEmpty())
request.setHTTPHeaderField(HTTPHeaderName::SecWebSocketProtocol, m_clientProtocol);
URL url = httpURLForAuthenticationAndCookies();
if (m_allowCookies && m_document) {
String cookie = cookieRequestHeaderFieldValue(*m_document, url);
if (!cookie.isEmpty())
request.setHTTPHeaderField(HTTPHeaderName::Cookie, cookie);
}
request.setHTTPHeaderField(HTTPHeaderName::Pragma, "no-cache");
request.setHTTPHeaderField(HTTPHeaderName::CacheControl, "no-cache");
request.setHTTPHeaderField(HTTPHeaderName::SecWebSocketKey, m_secWebSocketKey);
request.setHTTPHeaderField(HTTPHeaderName::SecWebSocketVersion, "13");
const String extensionValue = m_extensionDispatcher.createHeaderValue();
if (extensionValue.length())
request.setHTTPHeaderField(HTTPHeaderName::SecWebSocketExtensions, extensionValue);
// Add a User-Agent header.
request.setHTTPHeaderField(HTTPHeaderName::UserAgent, m_document->userAgent(m_document->url()));
return request;
}
void WebSocketHandshake::checkResponseHeaders()
{
ASSERT(m_mode == Normal);
m_mode = Failed;
if (m_wsOrigin.isNull()) {
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: 'websocket-origin' header is missing", 0, clientOrigin());
return;
}
if (m_wsLocation.isNull()) {
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: 'websocket-location' header is missing", 0, clientOrigin());
return;
}
if (clientOrigin() != m_wsOrigin) {
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: origin mismatch: " + clientOrigin() + " != " + m_wsOrigin, 0, clientOrigin());
return;
}
if (clientLocation() != m_wsLocation) {
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: location mismatch: " + clientLocation() + " != " + m_wsLocation, 0, clientOrigin());
return;
}
if (!m_clientProtocol.isEmpty() && m_clientProtocol != m_wsProtocol) {
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: protocol mismatch: " + m_clientProtocol + " != " + m_wsProtocol, 0, clientOrigin());
return;
}
m_mode = Connected;
return;
}
CString WebSocketHandshake::clientHandshakeMessage() const
{
// Keep the following consistent with clientHandshakeRequest().
StringBuilder builder;
builder.append("GET ");
builder.append(resourceName(m_url));
builder.append(" HTTP/1.1\r\n");
Vector<String> fields;
fields.append("Upgrade: websocket");
fields.append("Connection: Upgrade");
fields.append("Host: " + hostName(m_url, m_secure));
fields.append("Origin: " + clientOrigin());
if (!m_clientProtocol.isEmpty())
fields.append("Sec-WebSocket-Protocol: " + m_clientProtocol);
KURL url = httpURLForAuthenticationAndCookies();
if (m_context->isDocument()) {
Document* document = toDocument(m_context);
String cookie = cookieRequestHeaderFieldValue(document, url);
if (!cookie.isEmpty())
fields.append("Cookie: " + cookie);
// Set "Cookie2: <cookie>" if cookies 2 exists for url?
}
// Add no-cache headers to avoid compatibility issue.
// There are some proxies that rewrite "Connection: upgrade"
// to "Connection: close" in the response if a request doesn't contain
// these headers.
fields.append("Pragma: no-cache");
fields.append("Cache-Control: no-cache");
fields.append("Sec-WebSocket-Key: " + m_secWebSocketKey);
fields.append("Sec-WebSocket-Version: 13");
const String extensionValue = m_extensionDispatcher.createHeaderValue();
if (extensionValue.length())
fields.append("Sec-WebSocket-Extensions: " + extensionValue);
// Add a User-Agent header.
fields.append("User-Agent: " + m_context->userAgent(m_context->url()));
// Fields in the handshake are sent by the client in a random order; the
// order is not meaningful. Thus, it's ok to send the order we constructed
// the fields.
for (size_t i = 0; i < fields.size(); i++) {
builder.append(fields[i]);
builder.append("\r\n");
}
builder.append("\r\n");
return builder.toString().utf8();
}
bool WebSocketHandshake::checkResponseHeaders()
{
const String& serverWebSocketLocation = this->serverWebSocketLocation();
const String& serverWebSocketOrigin = this->serverWebSocketOrigin();
const String& serverWebSocketProtocol = this->serverWebSocketProtocol();
const String& serverUpgrade = this->serverUpgrade();
const String& serverConnection = this->serverConnection();
if (serverUpgrade.isNull()) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: 'Upgrade' header is missing", 0, clientOrigin(), 0);
return false;
}
if (serverConnection.isNull()) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: 'Connection' header is missing", 0, clientOrigin(), 0);
return false;
}
if (serverWebSocketOrigin.isNull()) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: 'Sec-WebSocket-Origin' header is missing", 0, clientOrigin(), 0);
return false;
}
if (serverWebSocketLocation.isNull()) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: 'Sec-WebSocket-Location' header is missing", 0, clientOrigin(), 0);
return false;
}
if (!equalIgnoringCase(serverUpgrade, "websocket")) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: 'Upgrade' header value is not 'WebSocket'", 0, clientOrigin(), 0);
return false;
}
if (!equalIgnoringCase(serverConnection, "upgrade")) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: 'Connection' header value is not 'Upgrade'", 0, clientOrigin(), 0);
return false;
}
if (clientOrigin() != serverWebSocketOrigin) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: origin mismatch: " + clientOrigin() + " != " + serverWebSocketOrigin, 0, clientOrigin(), 0);
return false;
}
if (clientLocation() != serverWebSocketLocation) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: location mismatch: " + clientLocation() + " != " + serverWebSocketLocation, 0, clientOrigin(), 0);
return false;
}
if (!m_clientProtocol.isEmpty() && m_clientProtocol != serverWebSocketProtocol) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Error during WebSocket handshake: protocol mismatch: " + m_clientProtocol + " != " + serverWebSocketProtocol, 0, clientOrigin(), 0);
return false;
}
return true;
}
WebSocketHandshakeRequest WebSocketHandshake::clientHandshakeRequest() const
{
// Keep the following consistent with clientHandshakeMessage().
WebSocketHandshakeRequest request(m_url, clientOrigin(), m_clientProtocol);
KURL url = httpURLForAuthenticationAndCookies();
if (m_context->isDocument()) {
Document* document = static_cast<Document*>(m_context);
String cookie = cookieRequestHeaderFieldValue(document, url);
if (!cookie.isEmpty())
request.addExtraHeaderField("Cookie", cookie);
// Set "Cookie2: <cookie>" if cookies 2 exists for url?
}
return request;
}
CString WebSocketHandshake::clientHandshakeMessage() const
{
// Keep the following consistent with clientHandshakeRequest().
StringBuilder builder;
builder.append("GET ");
builder.append(resourceName(m_url));
builder.append(" HTTP/1.1\r\n");
Vector<String> fields;
fields.append("Upgrade: WebSocket");
fields.append("Connection: Upgrade");
fields.append("Host: " + hostName(m_url, m_secure));
fields.append("Origin: " + clientOrigin());
if (!m_clientProtocol.isEmpty())
fields.append("Sec-WebSocket-Protocol: " + m_clientProtocol);
KURL url = httpURLForAuthenticationAndCookies();
if (m_context->isDocument()) {
Document* document = static_cast<Document*>(m_context);
String cookie = cookieRequestHeaderFieldValue(document, url);
if (!cookie.isEmpty())
fields.append("Cookie: " + cookie);
// Set "Cookie2: <cookie>" if cookies 2 exists for url?
}
fields.append("Sec-WebSocket-Key1: " + m_secWebSocketKey1);
fields.append("Sec-WebSocket-Key2: " + m_secWebSocketKey2);
// Fields in the handshake are sent by the client in a random order; the
// order is not meaningful. Thus, it's ok to send the order we constructed
// the fields.
for (size_t i = 0; i < fields.size(); i++) {
builder.append(fields[i]);
builder.append("\r\n");
}
builder.append("\r\n");
CString handshakeHeader = builder.toString().utf8();
char* characterBuffer = 0;
CString msg = CString::newUninitialized(handshakeHeader.length() + sizeof(m_key3), characterBuffer);
memcpy(characterBuffer, handshakeHeader.data(), handshakeHeader.length());
memcpy(characterBuffer + handshakeHeader.length(), m_key3, sizeof(m_key3));
return msg;
}
CString WebSocketHandshake::clientHandshakeMessage() const
{
// Keep the following consistent with clientHandshakeRequest().
StringBuilder builder;
builder.append("GET ");
builder.append(resourceName(m_url));
builder.append(" HTTP/1.1\r\n");
Vector<String> fields;
fields.append("Upgrade: websocket");
fields.append("Connection: Upgrade");
fields.append("Host: " + hostName(m_url, m_secure));
fields.append("Origin: " + clientOrigin());
if (!m_clientProtocol.isEmpty())
fields.append("Sec-WebSocket-Protocol: " + m_clientProtocol);
KURL url = httpURLForAuthenticationAndCookies();
if (m_context->isDocument()) {
Document* document = static_cast<Document*>(m_context);
String cookie = cookieRequestHeaderFieldValue(document, url);
if (!cookie.isEmpty())
fields.append("Cookie: " + cookie);
// Set "Cookie2: <cookie>" if cookies 2 exists for url?
}
fields.append("Sec-WebSocket-Key: " + m_secWebSocketKey);
fields.append("Sec-WebSocket-Version: 13");
const String extensionValue = m_extensionDispatcher.createHeaderValue();
if (extensionValue.length())
fields.append("Sec-WebSocket-Extensions: " + extensionValue);
// Fields in the handshake are sent by the client in a random order; the
// order is not meaningful. Thus, it's ok to send the order we constructed
// the fields.
for (size_t i = 0; i < fields.size(); i++) {
builder.append(fields[i]);
builder.append("\r\n");
}
builder.append("\r\n");
return builder.toString().utf8();
}
CString WebSocketHandshake::clientHandshakeMessage() const
{
StringBuilder builder;
builder.append("GET ");
builder.append(resourceName(m_url));
builder.append(" HTTP/1.1\r\n");
builder.append("Upgrade: WebSocket\r\n");
builder.append("Connection: Upgrade\r\n");
builder.append("Host: ");
builder.append(m_url.host().lower());
if (m_url.port()) {
if ((!m_secure && m_url.port() != 80) || (m_secure && m_url.port() != 443)) {
builder.append(":");
builder.append(String::number(m_url.port()));
}
}
builder.append("\r\n");
builder.append("Origin: ");
builder.append(clientOrigin());
builder.append("\r\n");
if (!m_clientProtocol.isEmpty()) {
builder.append("WebSocket-Protocol: ");
builder.append(m_clientProtocol);
builder.append("\r\n");
}
KURL url = httpURLForAuthenticationAndCookies();
// FIXME: set authentication information or cookies for url.
// Set "Authorization: <credentials>" if authentication information exists for url.
if (m_context->isDocument()) {
Document* document = static_cast<Document*>(m_context);
String cookie = cookieRequestHeaderFieldValue(document, url);
if (!cookie.isEmpty()) {
builder.append("Cookie: ");
builder.append(cookie);
builder.append("\r\n");
}
// Set "Cookie2: <cookie>" if cookies 2 exists for url?
}
builder.append("\r\n");
return builder.toString().utf8();
}
WebSocketHandshakeRequest WebSocketHandshake::clientHandshakeRequest() const
{
// Keep the following consistent with clientHandshakeMessage().
// FIXME: do we need to store m_secWebSocketKey1, m_secWebSocketKey2 and
// m_key3 in WebSocketHandshakeRequest?
WebSocketHandshakeRequest request("GET", m_url);
if (m_useHixie76Protocol)
request.addHeaderField("Upgrade", "WebSocket");
else
request.addHeaderField("Upgrade", "websocket");
request.addHeaderField("Connection", "Upgrade");
request.addHeaderField("Host", hostName(m_url, m_secure));
request.addHeaderField("Origin", clientOrigin());
if (!m_clientProtocol.isEmpty())
request.addHeaderField("Sec-WebSocket-Protocol:", m_clientProtocol);
KURL url = httpURLForAuthenticationAndCookies();
if (m_context->isDocument()) {
Document* document = static_cast<Document*>(m_context);
String cookie = cookieRequestHeaderFieldValue(document, url);
if (!cookie.isEmpty())
request.addHeaderField("Cookie", cookie);
// Set "Cookie2: <cookie>" if cookies 2 exists for url?
}
if (m_useHixie76Protocol) {
request.addHeaderField("Sec-WebSocket-Key1", m_hixie76SecWebSocketKey1);
request.addHeaderField("Sec-WebSocket-Key2", m_hixie76SecWebSocketKey2);
request.setKey3(m_hixie76Key3);
} else {
request.addHeaderField("Sec-WebSocket-Key", m_secWebSocketKey);
request.addHeaderField("Sec-WebSocket-Version", "13");
const String extensionValue = m_extensionDispatcher.createHeaderValue();
if (extensionValue.length())
request.addHeaderField("Sec-WebSocket-Extensions", extensionValue);
}
return request;
}
ResourceRequest WebSocketHandshake::clientHandshakeRequest() const
{
// Keep the following consistent with clientHandshakeMessage().
// FIXME: do we need to store m_secWebSocketKey1, m_secWebSocketKey2 and
// m_key3 in the request?
ResourceRequest request(m_url);
request.setHTTPMethod("GET");
request.addHTTPHeaderField("Connection", "Upgrade");
request.addHTTPHeaderField("Host", hostName(m_url, m_secure));
request.addHTTPHeaderField("Origin", clientOrigin());
if (!m_clientProtocol.isEmpty())
request.addHTTPHeaderField("Sec-WebSocket-Protocol", m_clientProtocol);
KURL url = httpURLForAuthenticationAndCookies();
if (m_context->isDocument()) {
Document* document = toDocument(m_context);
String cookie = cookieRequestHeaderFieldValue(document, url);
if (!cookie.isEmpty())
request.addHTTPHeaderField("Cookie", cookie);
// Set "Cookie2: <cookie>" if cookies 2 exists for url?
}
request.addHTTPHeaderField("Pragma", "no-cache");
request.addHTTPHeaderField("Cache-Control", "no-cache");
request.addHTTPHeaderField("Sec-WebSocket-Key", m_secWebSocketKey);
request.addHTTPHeaderField("Sec-WebSocket-Version", "13");
const String extensionValue = m_extensionDispatcher.createHeaderValue();
if (extensionValue.length())
request.addHTTPHeaderField("Sec-WebSocket-Extensions", extensionValue);
// Add a User-Agent header.
request.addHTTPHeaderField("User-Agent", m_context->userAgent(m_context->url()));
return request;
}
CString WebSocketHandshake::clientHandshakeMessage() const
{
// Keep the following consistent with clientHandshakeRequest().
StringBuilder builder;
builder.append("GET ");
builder.append(resourceName(m_url));
builder.append(" HTTP/1.1\r\n");
Vector<String> fields;
if (m_useHixie76Protocol)
fields.append("Upgrade: WebSocket");
else
fields.append("Upgrade: websocket");
fields.append("Connection: Upgrade");
fields.append("Host: " + hostName(m_url, m_secure));
fields.append("Origin: " + clientOrigin());
if (!m_clientProtocol.isEmpty())
fields.append("Sec-WebSocket-Protocol: " + m_clientProtocol);
KURL url = httpURLForAuthenticationAndCookies();
if (m_context->isDocument()) {
Document* document = static_cast<Document*>(m_context);
String cookie = cookieRequestHeaderFieldValue(document, url);
if (!cookie.isEmpty())
fields.append("Cookie: " + cookie);
// Set "Cookie2: <cookie>" if cookies 2 exists for url?
}
if (m_useHixie76Protocol) {
fields.append("Sec-WebSocket-Key1: " + m_hixie76SecWebSocketKey1);
fields.append("Sec-WebSocket-Key2: " + m_hixie76SecWebSocketKey2);
} else {
fields.append("Sec-WebSocket-Key: " + m_secWebSocketKey);
fields.append("Sec-WebSocket-Version: 13");
const String extensionValue = m_extensionDispatcher.createHeaderValue();
if (extensionValue.length())
fields.append("Sec-WebSocket-Extensions: " + extensionValue);
}
// Fields in the handshake are sent by the client in a random order; the
// order is not meaningful. Thus, it's ok to send the order we constructed
// the fields.
for (size_t i = 0; i < fields.size(); i++) {
builder.append(fields[i]);
builder.append("\r\n");
}
builder.append("\r\n");
CString handshakeHeader = builder.toString().utf8();
// Hybi-10 handshake is complete at this point.
if (!m_useHixie76Protocol)
return handshakeHeader;
// Hixie-76 protocol requires sending eight-byte data (so-called "key3") after the request header fields.
char* characterBuffer = 0;
CString msg = CString::newUninitialized(handshakeHeader.length() + sizeof(m_hixie76Key3), characterBuffer);
memcpy(characterBuffer, handshakeHeader.data(), handshakeHeader.length());
memcpy(characterBuffer + handshakeHeader.length(), m_hixie76Key3, sizeof(m_hixie76Key3));
return msg;
}
const char* WebSocketHandshake::readHTTPHeaders(const char* start, const char* end)
{
m_response.clearHeaderFields();
Vector<char> name;
Vector<char> value;
for (const char* p = start; p < end; p++) {
name.clear();
value.clear();
for (; p < end; p++) {
switch (*p) {
case '\r':
if (name.isEmpty()) {
if (p + 1 < end && *(p + 1) == '\n')
return p + 2;
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "CR doesn't follow LF at " + trimConsoleMessage(p, end - p), 0, clientOrigin(), 0);
return 0;
}
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Unexpected CR in name at " + trimConsoleMessage(name.data(), name.size()), 0, clientOrigin(), 0);
return 0;
case '\n':
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Unexpected LF in name at " + trimConsoleMessage(name.data(), name.size()), 0, clientOrigin(), 0);
return 0;
case ':':
break;
default:
name.append(*p);
continue;
}
if (*p == ':') {
++p;
break;
}
}
for (; p < end && *p == 0x20; p++) { }
for (; p < end; p++) {
switch (*p) {
case '\r':
break;
case '\n':
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Unexpected LF in value at " + trimConsoleMessage(value.data(), value.size()), 0, clientOrigin(), 0);
return 0;
default:
value.append(*p);
}
if (*p == '\r') {
++p;
break;
}
}
if (p >= end || *p != '\n') {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "CR doesn't follow LF after value at " + trimConsoleMessage(p, end - p), 0, clientOrigin(), 0);
return 0;
}
AtomicString nameStr = AtomicString::fromUTF8(name.data(), name.size());
String valueStr = String::fromUTF8(value.data(), value.size());
if (nameStr.isNull()) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "invalid UTF-8 sequence in header name", 0, clientOrigin(), 0);
return 0;
}
if (valueStr.isNull()) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "invalid UTF-8 sequence in header value", 0, clientOrigin(), 0);
return 0;
}
LOG(Network, "name=%s value=%s", nameStr.string().utf8().data(), valueStr.utf8().data());
m_response.addHeaderField(nameStr, valueStr);
}
ASSERT_NOT_REACHED();
return 0;
}
// Returns the header length (including "\r\n"), or -1 if we have not received enough data yet.
// If the line is malformed or the status code is not a 3-digit number,
// statusCode and statusText will be set to -1 and a null string, respectively.
int WebSocketHandshake::readStatusLine(const char* header, size_t headerLength, int& statusCode, String& statusText)
{
// Arbitrary size limit to prevent the server from sending an unbounded
// amount of data with no newlines and forcing us to buffer it all.
static const int maximumLength = 1024;
statusCode = -1;
statusText = String();
const char* space1 = 0;
const char* space2 = 0;
const char* p;
size_t consumedLength;
for (p = header, consumedLength = 0; consumedLength < headerLength; p++, consumedLength++) {
if (*p == ' ') {
if (!space1)
space1 = p;
else if (!space2)
space2 = p;
} else if (*p == '\0') {
// The caller isn't prepared to deal with null bytes in status
// line. WebSockets specification doesn't prohibit this, but HTTP
// does, so we'll just treat this as an error.
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Status line contains embedded null", 0, clientOrigin(), 0);
return p + 1 - header;
} else if (*p == '\n')
break;
}
if (consumedLength == headerLength)
return -1; // We have not received '\n' yet.
const char* end = p + 1;
int lineLength = end - header;
if (lineLength > maximumLength) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Status line is too long", 0, clientOrigin(), 0);
return maximumLength;
}
// The line must end with "\r\n".
if (lineLength < 2 || *(end - 2) != '\r') {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Status line does not end with CRLF", 0, clientOrigin(), 0);
return lineLength;
}
if (!space1 || !space2) {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "No response code found: " + trimConsoleMessage(header, lineLength - 2), 0, clientOrigin(), 0);
return lineLength;
}
String statusCodeString(space1 + 1, space2 - space1 - 1);
if (statusCodeString.length() != 3) // Status code must consist of three digits.
return lineLength;
for (int i = 0; i < 3; ++i)
if (statusCodeString[i] < '0' || statusCodeString[i] > '9') {
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Invalid status code: " + statusCodeString, 0, clientOrigin(), 0);
return lineLength;
}
bool ok = false;
statusCode = statusCodeString.toInt(&ok);
ASSERT(ok);
statusText = String(space2 + 1, end - space2 - 3); // Exclude "\r\n".
return lineLength;
}
int WebSocketHandshake::readServerHandshake(const char* header, size_t len)
{
m_mode = Incomplete;
int statusCode;
String statusText;
int lineLength = readStatusLine(header, len, statusCode, statusText);
if (lineLength == -1)
return -1;
if (statusCode == -1) {
m_mode = Failed;
return len;
}
LOG(Network, "response code: %d", statusCode);
m_response.setStatusCode(statusCode);
m_response.setStatusText(statusText);
if (statusCode != 101) {
m_mode = Failed;
m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, "Unexpected response code: " + String::number(statusCode), 0, clientOrigin(), 0);
return len;
}
m_mode = Normal;
if (!strnstr(header, "\r\n\r\n", len)) {
// Just hasn't been received fully yet.
m_mode = Incomplete;
return -1;
}
const char* p = readHTTPHeaders(header + lineLength, header + len);
if (!p) {
LOG(Network, "readHTTPHeaders failed");
m_mode = Failed;
return len;
}
if (!checkResponseHeaders()) {
LOG(Network, "header process failed");
m_mode = Failed;
return p - header;
}
if (len < static_cast<size_t>(p - header + sizeof(m_expectedChallengeResponse))) {
// Just hasn't been received /expected/ yet.
m_mode = Incomplete;
return -1;
}
m_response.setChallengeResponse(static_cast<const unsigned char*>(static_cast<const void*>(p)));
if (memcmp(p, m_expectedChallengeResponse, sizeof(m_expectedChallengeResponse))) {
m_mode = Failed;
return (p - header) + sizeof(m_expectedChallengeResponse);
}
m_mode = Connected;
return (p - header) + sizeof(m_expectedChallengeResponse);
}
int WebSocketHandshake::readServerHandshake(const char* header, size_t len)
{
m_mode = Incomplete;
if (len < sizeof(webSocketServerHandshakeHeader) - 1) {
// Just hasn't been received fully yet.
return -1;
}
if (!memcmp(header, webSocketServerHandshakeHeader, sizeof(webSocketServerHandshakeHeader) - 1))
m_mode = Normal;
else {
const String& code = extractResponseCode(header, len);
if (code.isNull()) {
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Short server handshake: " + String(header, len), 0, clientOrigin());
return -1;
}
if (code.isEmpty()) {
m_mode = Failed;
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "No response code found: " + String(header, len), 0, clientOrigin());
return len;
}
LOG(Network, "response code: %s", code.utf8().data());
if (code == "401") {
m_mode = Failed;
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Authentication required, but not implemented yet.", 0, clientOrigin());
return len;
} else {
m_mode = Failed;
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Unexpected response code:" + code, 0, clientOrigin());
return len;
}
}
const char* p = header + sizeof(webSocketServerHandshakeHeader) - 1;
const char* end = header + len + 1;
if (m_mode == Normal) {
size_t headerSize = end - p;
if (headerSize < sizeof(webSocketUpgradeHeader) - 1) {
m_mode = Incomplete;
return 0;
}
if (memcmp(p, webSocketUpgradeHeader, sizeof(webSocketUpgradeHeader) - 1)) {
m_mode = Failed;
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Bad Upgrade header: " + String(p, end - p), 0, clientOrigin());
return p - header + sizeof(webSocketUpgradeHeader) - 1;
}
p += sizeof(webSocketUpgradeHeader) - 1;
headerSize = end - p;
if (headerSize < sizeof(webSocketConnectionHeader) - 1) {
m_mode = Incomplete;
return -1;
}
if (memcmp(p, webSocketConnectionHeader, sizeof(webSocketConnectionHeader) - 1)) {
m_mode = Failed;
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Bad Connection header: " + String(p, end - p), 0, clientOrigin());
return p - header + sizeof(webSocketConnectionHeader) - 1;
}
p += sizeof(webSocketConnectionHeader) - 1;
}
if (!strnstr(p, "\r\n\r\n", end - p)) {
// Just hasn't been received fully yet.
m_mode = Incomplete;
return -1;
}
HTTPHeaderMap headers;
p = readHTTPHeaders(p, end, &headers);
if (!p) {
LOG(Network, "readHTTPHeaders failed");
m_mode = Failed;
return len;
}
if (!processHeaders(headers)) {
LOG(Network, "header process failed");
m_mode = Failed;
return p - header;
}
switch (m_mode) {
case Normal:
checkResponseHeaders();
break;
default:
m_mode = Failed;
break;
}
return p - header;
}
const char* WebSocketHandshake::readHTTPHeaders(const char* start, const char* end, HTTPHeaderMap* headers)
{
Vector<char> name;
Vector<char> value;
for (const char* p = start; p < end; p++) {
name.clear();
value.clear();
for (; p < end; p++) {
switch (*p) {
case '\r':
if (name.isEmpty()) {
if (p + 1 < end && *(p + 1) == '\n')
return p + 2;
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "CR doesn't follow LF at " + String(p, end - p), 0, clientOrigin());
return 0;
}
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Unexpected CR in name at " + String(p, end - p), 0, clientOrigin());
return 0;
case '\n':
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Unexpected LF in name at " + String(p, end - p), 0, clientOrigin());
return 0;
case ':':
break;
default:
if (*p >= 0x41 && *p <= 0x5a)
name.append(*p + 0x20);
else
name.append(*p);
continue;
}
if (*p == ':') {
++p;
break;
}
}
for (; p < end && *p == 0x20; p++) { }
for (; p < end; p++) {
switch (*p) {
case '\r':
break;
case '\n':
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "Unexpected LF in value at " + String(p, end - p), 0, clientOrigin());
return 0;
default:
value.append(*p);
}
if (*p == '\r') {
++p;
break;
}
}
if (p >= end || *p != '\n') {
m_context->addMessage(ConsoleDestination, JSMessageSource, LogMessageType, ErrorMessageLevel, "CR doesn't follow LF after value at " + String(p, end - p), 0, clientOrigin());
return 0;
}
AtomicString nameStr(String::fromUTF8(name.data(), name.size()));
String valueStr = String::fromUTF8(value.data(), value.size());
LOG(Network, "name=%s value=%s", nameStr.string().utf8().data(), valueStr.utf8().data());
headers->add(nameStr, valueStr);
}
ASSERT_NOT_REACHED();
return 0;
}
