Context Navigation

Changeset 112377 in webkit

Timestamp:

Mar 28, 2012 2:12:00 AM (12 years ago)

Author:

commit-queue@webkit.org

Message:

[WebSocket]The Sec-WebSocket-Protocol must not appear more than once in an HTTP response
https://bugs.webkit.org/show_bug.cgi?id=82432

Patch by Li Yin <li.yin@intel.com> on 2012-03-28
Reviewed by Kent Tamura.

Source/WebCore:

From RFC6455: http://tools.ietf.org/html/rfc6455#section-11.3.4
The |Sec-WebSocket-Protocol| header field must not appear
more than once in an HTTP response.

Test: http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header.html

(WebCore::WebSocketHandshake::readHTTPHeaders):

LayoutTests:

From RFC6455: http://tools.ietf.org/html/rfc6455#section-11.3.4
The |Sec-WebSocket-Protocol| header field must not appear
more than once in an HTTP response.

http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header-expected.txt: Added.
http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header.html: Added.
http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header_wsh.py: Added.

(web_socket_do_extra_handshake):
(web_socket_transfer_data):

Location:

trunk

Files:

-                      r112374
+                      r112377
+-03-28  Li Yin  <li.yin@intel.com>
+        [WebSocket]The Sec-WebSocket-Protocol must not appear more than once in an HTTP response
+        https://bugs.webkit.org/show_bug.cgi?id=82432
+        Reviewed by Kent Tamura.
+        From RFC6455: http://tools.ietf.org/html/rfc6455#section-11.3.4
+        The |Sec-WebSocket-Protocol| header field must not appear
+        more than once in an HTTP response.
+        * http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header-expected.txt: Added.
+        * http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header.html: Added.
+        * http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header_wsh.py: Added.
+        (web_socket_do_extra_handshake):
+        (web_socket_transfer_data):
 -03-28  Philippe Normand  <pnormand@igalia.com>

-                      r112364
+                      r112377
+-03-28  Li Yin  <li.yin@intel.com>
+        [WebSocket]The Sec-WebSocket-Protocol must not appear more than once in an HTTP response
+        https://bugs.webkit.org/show_bug.cgi?id=82432
+        Reviewed by Kent Tamura.
+        From RFC6455: http://tools.ietf.org/html/rfc6455#section-11.3.4
+        The |Sec-WebSocket-Protocol| header field must not appear
+        more than once in an HTTP response.
+        Test: http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header.html
+        * Modules/websockets/WebSocketHandshake.cpp:
+        (WebCore::WebSocketHandshake::readHTTPHeaders):
 -03-27  James Robinson  <jamesr@chromium.org>

-                      r111554
+                      r112377
     Vector<char> value;
     bool sawSecWebSocketAcceptHeaderField = false;
+    bool sawSecWebSocketProtocolHeaderField = false;
     for (const char* p = start; p < end; p++) {
         name.clear();
 …
             m_response.addHeaderField(nameStr, valueStr);
             sawSecWebSocketAcceptHeaderField = true;
+        } else if (equalIgnoringCase("Sec-WebSocket-Protocol", nameStr)) {
+            if (sawSecWebSocketProtocolHeaderField) {
+                m_failureReason = "The Sec-WebSocket-Protocol header MUST NOT appear more than once in an HTTP response";
+                return 0;
+            }
+            m_response.addHeaderField(nameStr, valueStr);
+            sawSecWebSocketProtocolHeaderField = true;
         } else
             m_response.addHeaderField(nameStr, valueStr);

Note: See TracChangeset for help on using the changeset viewer.