From f4f69d2d8d68c603e6eec0117591f761afd0ff0d Mon Sep 17 00:00:00 2001 From: fuzzybear3965 Date: Mon, 10 Jul 2017 10:21:27 -0400 Subject: [PATCH] implementing (some of) @garyburd's suggestions --- doc.go | 12 +++++------- server.go | 9 ++++----- 2 files changed, 9 insertions(+), 12 deletions(-) diff --git a/doc.go b/doc.go index 52a0685..505fe83 100644 --- a/doc.go +++ b/doc.go @@ -6,9 +6,8 @@ // // Overview // -// The Conn type represents a WebSocket connection. Within the context of an -// HTTP request handler, a server application calls the Upgrade method of an -// Upgrader instance obtaining a pointer to a Conn: +// The Conn type represents a WebSocket connection. A server application calls +// the Upgrader.Upgrade method from an HTTP request handler to get a *Conn: // // var upgrader = websocket.Upgrader{ // ReadBufferSize: 1024, @@ -152,10 +151,9 @@ // origin policy checking using the CheckOrigin field associated with the // Upgrader instance. // -// By contrast, the deprecated package-level Upgrade function -// does not perform origin checking. In this case is the application's -// responsibility to manually check the Origin header before calling the -// package-level Upgrade function. +// The deprecated package-level Upgrade function does not perform origin +// checking. The application is responsible for checking the Origin header +// before calling the Upgrade function. // // Compression EXPERIMENTAL // diff --git a/server.go b/server.go index 015eb53..d6e3d82 100644 --- a/server.go +++ b/server.go @@ -228,14 +228,13 @@ func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeade return c, nil } -// DEPRECATED - use websocket.Upgrader instead. +// Deprecated: Use websocket.Upgrader instead. // // Upgrade upgrades the HTTP server connection to the WebSocket protocol. // -// Note that the application is responsible for checking the request origin -// before calling Upgrade. This is not done automatically as with the use of the -// Upgrader.Upgrade method. An example implementation of the same origin policy -// check is: +// Upgrade does not perform origin checking. The application is responsible for +// checking the Origin header before calling Upgrade. An example implementation +// of the same origin policy check is: // // if req.Header.Get("Origin") != "http://"+req.Host { // http.Error(w, "Origin not allowed", 403)