Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove case 7.7.8 (close code 1010 may not be used by server) #123

Open
JoakimCh opened this issue Jul 24, 2022 · 4 comments
Open

Remove case 7.7.8 (close code 1010 may not be used by server) #123

JoakimCh opened this issue Jul 24, 2022 · 4 comments
Labels
bug

Comments

@JoakimCh
Copy link

Case description: Send close with valid close code 1010

The problem is that code 1010 may NOT be used by the server.

From RFC6455:

1010 indicates that an endpoint (client) is terminating the
connection because it has expected the server to negotiate one or
more extension, but the server didn't return them in the response
message of the WebSocket handshake.  The list of extensions that
are needed SHOULD appear in the /reason/ part of the Close frame.
Note that this status code is not used by the server, because it
can fail the WebSocket handshake instead.
@oberstet
Copy link
Contributor

The spec text indeed seems pretty clear (not sure, was that added late in a revision? anyways): a test for this close code should only be run when testing clients, not servers.

@oberstet oberstet added the bug label Jul 25, 2022
@JoakimCh
Copy link
Author

JoakimCh commented Jul 25, 2022
edited

a test for this close code should only be run when testing clients, not servers.

I'm sorry but this statement doesn't make any sense to me since I was testing a client implementation when getting this code from the Autobahn test server.

The code COULD be tested against the client, but then as an INVALID code from the server, meaning the test must change.

But a second test for clients could be the actually described situation in the quote from RFC6455. Also servers could be testet to accept the code in such situations. If these tests are feasible to do I don't know though.

@oberstet
Copy link
Contributor

oberstet commented Jul 26, 2022
edited

ok, so since Autobahn supports the per-message deflate compession WebSocket extension, what could be added is testing a client

  • testee client requesting per-message deflate
  • fuzzing server not replying with (any) per-message deflate
  • testee client closes with 1010 <= good case tested for

realistically, I won't have time to add such stuff .. I'd rather simply remove 1010 from the list here

autobahn-testsuite/autobahntestsuite/autobahntestsuite/case/case7_7_X.py

Line 22 in 55339e7

tests = [1000,1001,1002,1003,1007,1008,1009,1010,1011,3000,3999,4000,4999]

in the end, just testing for close 1010 without being in the context of extension negotiation is bogus anyways ...

@JoakimCh
Copy link
Author

Sounds good to me! Such tests can be added at a later time.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@oberstet @JoakimCh