New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WebSocketClientHandshaker13 Invalid Handshake #9134
Comments
@davydotcom do you have a reproducer ? |
Use websocket client in netty in any way and it’s very easily reproduced code is wrong in handshaker
…Sent from my iPhone
On May 8, 2019, at 3:12 AM, Norman Maurer ***@***.***> wrote:
@davydotcom do you have a reproducer ?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
|
Maybe just open a pr if it’s so easy to fix. Sorry I am very busy atm
… Am 08.05.2019 um 13:17 schrieb David Estes ***@***.***>:
Use websocket client in netty in any way and it’s very easily reproduced code is wrong in handshaker
Sent from my iPhone
> On May 8, 2019, at 3:12 AM, Norman Maurer ***@***.***> wrote:
>
> @davydotcom do you have a reproducer ?
>
> —
> You are receiving this because you were mentioned.
> Reply to this email directly, view it on GitHub, or mute the thread.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or mute the thread.
|
Sec-WebSocket-Origin is a Server to Client handshake not a Client to Server handshake header per the websocket RFC specification. This Resolves Issue netty#9134
Motivation: Based on https://tools.ietf.org/html/rfc6455#section-1.3 - for non-browser clients, Origin header field may be sent if it makes sense in the context of those clients. Modification: Replace Sec-WebSocket-Origin to Origin Result: Fixes #9134 .
Motivation: Based on https://tools.ietf.org/html/rfc6455#section-1.3 - for non-browser clients, Origin header field may be sent if it makes sense in the context of those clients. Modification: Replace Sec-WebSocket-Origin to Origin Result: Fixes #9134 .
We use Netty through Vert.x for a proxy application. For some of our websocket tests we modify the "origin" header of the client requests. This does not work anymore due to the changes here. Also we need to pass the "origin" header downstream. This is not possible anymore and we are stuck here. Maybe you can change the behaviour and set the "origin" header only if it is not already present? |
Resolved in #9435. Sorry for the duplicate comment. |
Expected behavior
Origin Header should be sent on handshake
Actual behavior
Sec-WebSocket-Origin Header is sent instead which is not a client handshake but rather a server to client origin handshake per the Specification
The text was updated successfully, but these errors were encountered: