From 1d375d5a0d02732dd99c6d5a323b7b61b27a6aec Mon Sep 17 00:00:00 2001 From: fuzzybear3965 Date: Fri, 7 Jul 2017 14:47:14 -0400 Subject: [PATCH 1/3] distinguish Upgrader.Upgrade from Upgrade --- doc.go | 18 ++++++++++++------ server.go | 10 ++++++---- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/doc.go b/doc.go index e291a95..52a0685 100644 --- a/doc.go +++ b/doc.go @@ -6,9 +6,9 @@ // // Overview // -// The Conn type represents a WebSocket connection. A server application uses -// the Upgrade function from an Upgrader object with a HTTP request handler -// to get a pointer to a Conn: +// The Conn type represents a WebSocket connection. Within the context of an +// HTTP request handler, a server application calls the Upgrade method of an +// Upgrader instance obtaining a pointer to a Conn: // // var upgrader = websocket.Upgrader{ // ReadBufferSize: 1024, @@ -147,9 +147,15 @@ // CheckOrigin: func(r *http.Request) bool { return true }, // } // -// The deprecated Upgrade function does not enforce an origin policy. It's the -// application's responsibility to check the Origin header before calling -// Upgrade. +// We recommend the upgrader.Upgrade method to perform an upgrade +// from an HTTP connection to a websocket connection. This method performs +// origin policy checking using the CheckOrigin field associated with the +// Upgrader instance. +// +// By contrast, the deprecated package-level Upgrade function +// does not perform origin checking. In this case is the application's +// responsibility to manually check the Origin header before calling the +// package-level Upgrade function. // // Compression EXPERIMENTAL // diff --git a/server.go b/server.go index 3495e0f..015eb53 100644 --- a/server.go +++ b/server.go @@ -228,12 +228,14 @@ func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeade return c, nil } +// DEPRECATED - use websocket.Upgrader instead. +// // Upgrade upgrades the HTTP server connection to the WebSocket protocol. // -// This function is deprecated, use websocket.Upgrader instead. -// -// The application is responsible for checking the request origin before -// calling Upgrade. An example implementation of the same origin policy is: +// Note that the application is responsible for checking the request origin +// before calling Upgrade. This is not done automatically as with the use of the +// Upgrader.Upgrade method. An example implementation of the same origin policy +// check is: // // if req.Header.Get("Origin") != "http://"+req.Host { // http.Error(w, "Origin not allowed", 403) From f4f69d2d8d68c603e6eec0117591f761afd0ff0d Mon Sep 17 00:00:00 2001 From: fuzzybear3965 Date: Mon, 10 Jul 2017 10:21:27 -0400 Subject: [PATCH 2/3] implementing (some of) @garyburd's suggestions --- doc.go | 12 +++++------- server.go | 9 ++++----- 2 files changed, 9 insertions(+), 12 deletions(-) diff --git a/doc.go b/doc.go index 52a0685..505fe83 100644 --- a/doc.go +++ b/doc.go @@ -6,9 +6,8 @@ // // Overview // -// The Conn type represents a WebSocket connection. Within the context of an -// HTTP request handler, a server application calls the Upgrade method of an -// Upgrader instance obtaining a pointer to a Conn: +// The Conn type represents a WebSocket connection. A server application calls +// the Upgrader.Upgrade method from an HTTP request handler to get a *Conn: // // var upgrader = websocket.Upgrader{ // ReadBufferSize: 1024, @@ -152,10 +151,9 @@ // origin policy checking using the CheckOrigin field associated with the // Upgrader instance. // -// By contrast, the deprecated package-level Upgrade function -// does not perform origin checking. In this case is the application's -// responsibility to manually check the Origin header before calling the -// package-level Upgrade function. +// The deprecated package-level Upgrade function does not perform origin +// checking. The application is responsible for checking the Origin header +// before calling the Upgrade function. // // Compression EXPERIMENTAL // diff --git a/server.go b/server.go index 015eb53..d6e3d82 100644 --- a/server.go +++ b/server.go @@ -228,14 +228,13 @@ func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeade return c, nil } -// DEPRECATED - use websocket.Upgrader instead. +// Deprecated: Use websocket.Upgrader instead. // // Upgrade upgrades the HTTP server connection to the WebSocket protocol. // -// Note that the application is responsible for checking the request origin -// before calling Upgrade. This is not done automatically as with the use of the -// Upgrader.Upgrade method. An example implementation of the same origin policy -// check is: +// Upgrade does not perform origin checking. The application is responsible for +// checking the Origin header before calling Upgrade. An example implementation +// of the same origin policy check is: // // if req.Header.Get("Origin") != "http://"+req.Host { // http.Error(w, "Origin not allowed", 403) From 92f772e4b3d169aaac1ac3b94395534b1f9b6417 Mon Sep 17 00:00:00 2001 From: Gary Burd Date: Tue, 18 Jul 2017 13:21:30 -0700 Subject: [PATCH 3/3] Misc cleanup - Fix lint warnings. - Use standard comment format to mark deprecated identifiers. - Remove redundant paragraph from doc. --- doc.go | 5 ----- json.go | 11 ++++++++--- server.go | 4 ++-- util.go | 4 ++-- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/doc.go b/doc.go index 505fe83..fe20927 100644 --- a/doc.go +++ b/doc.go @@ -146,11 +146,6 @@ // CheckOrigin: func(r *http.Request) bool { return true }, // } // -// We recommend the upgrader.Upgrade method to perform an upgrade -// from an HTTP connection to a websocket connection. This method performs -// origin policy checking using the CheckOrigin field associated with the -// Upgrader instance. -// // The deprecated package-level Upgrade function does not perform origin // checking. The application is responsible for checking the Origin header // before calling the Upgrade function. diff --git a/json.go b/json.go index 4f0e368..dc2c1f6 100644 --- a/json.go +++ b/json.go @@ -9,12 +9,14 @@ import ( "io" ) -// WriteJSON is deprecated, use c.WriteJSON instead. +// WriteJSON writes the JSON encoding of v as a message. +// +// Deprecated: Use c.WriteJSON instead. func WriteJSON(c *Conn, v interface{}) error { return c.WriteJSON(v) } -// WriteJSON writes the JSON encoding of v to the connection. +// WriteJSON writes the JSON encoding of v as a message. // // See the documentation for encoding/json Marshal for details about the // conversion of Go values to JSON. @@ -31,7 +33,10 @@ func (c *Conn) WriteJSON(v interface{}) error { return err2 } -// ReadJSON is deprecated, use c.ReadJSON instead. +// ReadJSON reads the next JSON-encoded message from the connection and stores +// it in the value pointed to by v. +// +// Deprecated: Use c.ReadJSON instead. func ReadJSON(c *Conn, v interface{}) error { return c.ReadJSON(v) } diff --git a/server.go b/server.go index d6e3d82..6ae97c5 100644 --- a/server.go +++ b/server.go @@ -228,10 +228,10 @@ func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeade return c, nil } -// Deprecated: Use websocket.Upgrader instead. -// // Upgrade upgrades the HTTP server connection to the WebSocket protocol. // +// Deprecated: Use websocket.Upgrader instead. +// // Upgrade does not perform origin checking. The application is responsible for // checking the Origin header before calling Upgrade. An example implementation // of the same origin policy check is: diff --git a/util.go b/util.go index 9a4908d..262e647 100644 --- a/util.go +++ b/util.go @@ -111,14 +111,14 @@ func nextTokenOrQuoted(s string) (value string, rest string) { case escape: escape = false p[j] = b - j += 1 + j++ case b == '\\': escape = true case b == '"': return string(p[:j]), s[i+1:] default: p[j] = b - j += 1 + j++ } } return "", ""