Improve bad handshake error text

Change the error text for bad handshake errors from

    websocket: not a websocket handshake:

to:

    websocket: the client is not using the websocket protocol:

The new text should be more helpful to developers who do not know or
understand the details of the protocol.

Test for bad handshake before other request errors.
This commit is contained in:
Gary Burd 2017-11-30 16:45:44 -08:00 committed by GitHub
parent 2b58522131
commit 8c6cfd493d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 21 additions and 11 deletions

View File

@ -398,9 +398,17 @@ func TestBadMethod(t *testing.T) {
})) }))
defer s.Close() defer s.Close()
resp, err := http.PostForm(s.URL, url.Values{}) req, err := http.NewRequest("POST", s.URL, strings.NewReader(""))
if err != nil { if err != nil {
t.Fatalf("PostForm returned error %v", err) t.Fatalf("NewRequest returned error %v", err)
}
req.Header.Set("Connection", "upgrade")
req.Header.Set("Upgrade", "websocket")
req.Header.Set("Sec-Websocket-Version", "13")
resp, err := http.DefaultClient.Do(req)
if err != nil {
t.Fatalf("Do returned error %v", err)
} }
resp.Body.Close() resp.Body.Close()
if resp.StatusCode != http.StatusMethodNotAllowed { if resp.StatusCode != http.StatusMethodNotAllowed {

View File

@ -104,26 +104,28 @@ func (u *Upgrader) selectSubprotocol(r *http.Request, responseHeader http.Header
// If the upgrade fails, then Upgrade replies to the client with an HTTP error // If the upgrade fails, then Upgrade replies to the client with an HTTP error
// response. // response.
func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeader http.Header) (*Conn, error) { func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeader http.Header) (*Conn, error) {
if r.Method != "GET" { const badHandshake = "websocket: the client is not using the websocket protocol: "
return u.returnError(w, r, http.StatusMethodNotAllowed, "websocket: not a websocket handshake: request method is not GET")
}
if _, ok := responseHeader["Sec-Websocket-Extensions"]; ok {
return u.returnError(w, r, http.StatusInternalServerError, "websocket: application specific 'Sec-Websocket-Extensions' headers are unsupported")
}
if !tokenListContainsValue(r.Header, "Connection", "upgrade") { if !tokenListContainsValue(r.Header, "Connection", "upgrade") {
return u.returnError(w, r, http.StatusBadRequest, "websocket: not a websocket handshake: 'upgrade' token not found in 'Connection' header") return u.returnError(w, r, http.StatusBadRequest, badHandshake+"'upgrade' token not found in 'Connection' header")
} }
if !tokenListContainsValue(r.Header, "Upgrade", "websocket") { if !tokenListContainsValue(r.Header, "Upgrade", "websocket") {
return u.returnError(w, r, http.StatusBadRequest, "websocket: not a websocket handshake: 'websocket' token not found in 'Upgrade' header") return u.returnError(w, r, http.StatusBadRequest, badHandshake+"'websocket' token not found in 'Upgrade' header")
}
if r.Method != "GET" {
return u.returnError(w, r, http.StatusMethodNotAllowed, badHandshake+"request method is not GET")
} }
if !tokenListContainsValue(r.Header, "Sec-Websocket-Version", "13") { if !tokenListContainsValue(r.Header, "Sec-Websocket-Version", "13") {
return u.returnError(w, r, http.StatusBadRequest, "websocket: unsupported version: 13 not found in 'Sec-Websocket-Version' header") return u.returnError(w, r, http.StatusBadRequest, "websocket: unsupported version: 13 not found in 'Sec-Websocket-Version' header")
} }
if _, ok := responseHeader["Sec-Websocket-Extensions"]; ok {
return u.returnError(w, r, http.StatusInternalServerError, "websocket: application specific 'Sec-Websocket-Extensions' headers are unsupported")
}
checkOrigin := u.CheckOrigin checkOrigin := u.CheckOrigin
if checkOrigin == nil { if checkOrigin == nil {
checkOrigin = checkSameOrigin checkOrigin = checkSameOrigin