The purpose of this change is to set this behavior in stone, so that, for example, introducing "follow redirects" by default would be a breaking change.
The [WebSocket spec](https://www.rfc-editor.org/rfc/rfc6455) actually allows the client to follow redirects:
> the server might redirect the client using a 3xx status code (but clients are not required to follow them)
I think this library should be explicit about whether it does this.
I feel like the existing "...so that callers can handle redirects, authentication, etcetera" is not worded strongly enough.
Signed-off-by: WofWca <wofwca@protonmail.com>
The package ignored errors from net.Conn Set*Deadline in a few places.
Update the package to return these errors to the caller.
Ignore all other errors reported by errcheck. These errors are safe to
ignore because
- The function is making a best effort to cleanup while handling another
error.
- The function call is guaranteed to succeed.
- The error is ignored in a test.
The doHandshake function was split off to separate files to support
different implementations for Go < 1.16 and Go >= 1.17.
The separate files are not needed now that Go 1.20 is the minimum
supported version of Go for the project.
Import golang.org/x/net/proxy instead of using the bundle in
x_net_proxy.go. There's no need to avoid the dependency on
golang.org/x/net/proxy now that Go's module system is in widespread use.
Change Dialer.DialContext to pass contexts as an argument to the dial
function instead of tunneling the context through closures. Tunneling is
no longer needed because the proxy package supports contexts. The
version of the proxy package in the bundle predates contexts!
Simplify the code for calculating the base dial function.
Prevent the HTTP proxy dialer from leaking out of the websocket package
by selecting the HTTP proxy dialer directly in the websocket package.
Previously, the HTTP dialer was registered with the proxy package.
<!--
For Work In Progress Pull Requests, please use the Draft PR feature,
see https://github.blog/2019-02-14-introducing-draft-pull-requests/ for
further details.
For a timely review/response, please avoid force-pushing additional
commits if your PR already received reviews or comments.
Before submitting a Pull Request, please ensure that you have:
- 📖 Read the Contributing guide:
https://github.com/gorilla/.github/blob/main/CONTRIBUTING.md
- 📖 Read the Code of Conduct:
https://github.com/gorilla/.github/blob/main/CODE_OF_CONDUCT.md
- Provide tests for your changes.
- Use descriptive commit messages.
- Comment your code where appropriate.
- Squash your commits
- Update any related documentation.
- Add gorilla/pull-request-reviewers as a Reviewer
-->
## What type of PR is this? (check all applicable)
- [x] Refactor
- [ ] Feature
- [ ] Bug Fix
- [ ] Optimization
- [ ] Documentation Update
- [ ] Go Version Update
- [ ] Dependency Update
## Description
## Related Tickets & Documents
<!--
For pull requests that relate or close an issue, please include them
below. We like to follow [Github's guidance on linking issues to pull
requests](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue).
For example having the text: "closes #1234" would connect the current
pull
request to issue 1234. And when we merge the pull request, Github will
automatically close the issue.
-->
- Related Issue #
- Closes #
## Added/updated tests?
- [ ] Yes
- [x] No
- [ ] I need help with writing tests
## Run verifications and test
- [ ] `make verify` is passing
- [ ] `make test` is passing
* return an error when Dialer.TLSClientConfig.NextProtos contains a protocol that is not http/1.1
* include the likely cause of the error in the error message
* check for nil-ness of Dialer.TLSClientConfig before attempting to run the check
* addressing the review
* move the NextProtos test into a separate file so that it can be run conditionally on go versions >= 1.14
* moving the new error check into existing http response error block to reduce the possibility of false positives
* wrapping the error in %w
* using %v instead of %w for compatibility with older versions of go
* Revert "using %v instead of %w for compatibility with older versions of go"
This reverts commit d34dd940ee.
* move the unit test back into the existing test code since golang build constraint is no longer necessary
Co-authored-by: Chan Kang <chankang@chankang17@gmail.com>
Fixes issue: https://github.com/gorilla/websocket/issues/745
With the previous interface, NetDial and NetDialContext were used for
both TLS and non-TLS TCP connections, and afterwards TLSClientConfig was
used to do the TLS handshake.
While this API works for most cases, it prevents from using more advance
authentication methods during the TLS handshake, as this is out of the
control of the user.
This commits introduces another a new dial method, NetDialTLSContext,
which is used when dialing for TLS/TCP. The code then assumes that the
handshake is done there and TLSClientConfig is not used.
This API change is fully backwards compatible and it better aligns with
net/http.Transport API, which has these two dial flavors. See:
https://pkg.go.dev/net/http#Transport
Signed-off-by: Lluis Campos <lluis.campos@northern.tech>
The values of the `Upgrade` and `Connection` response headers can
contain multiple tokens, for example
Connection: upgrade, keep-alive
The WebSocket RFC describes the checking of these as follows:
2. If the response lacks an |Upgrade| header field or the |Upgrade|
header field contains a value that is not an ASCII case-
insensitive match for the value "websocket", the client MUST
_Fail the WebSocket Connection_.
3. If the response lacks a |Connection| header field or the
|Connection| header field doesn't contain a token that is an
ASCII case-insensitive match for the value "Upgrade", the client
MUST _Fail the WebSocket Connection_.
It is careful to note "contains a value", "contains a token".
Previously, the client would reject with "bad handshake" if the header
doesn't contain exactly the value it looks for.
Change the checks to use `tokenListContainsValue` instead, which is
incidentally what the server is already doing for similar checks.
Sorry for the dumbest PR ever, but this tiny addition of a period changes the formatting of this sentence from a header to a regular paragraph in godoc.
- Add Go 1.11 to Travis config
- Use short variable declarations where possible.
- Remove unnecessary build tags after move to Go 1.7 min version.
- Simplify composite literals.
- Remove unused fields (err in PerparedMessage)
- Fix errors reported by golint and goword.
Add WriteBufferPool to Dialer and Upgrader. This field specifies a pool
to use for write operations on a connection. Use of the pool can reduce
memory use when there is a modest write volume over a large number of
connections.
Use larger of hijacked buffer and buffer allocated for connection (if
any) as buffer for building handshake response. This decreases possible
allocations when building the handshake response.
Modify bufio reuse test to call Upgrade instead of the internal
newConnBRW. Move the test from conn_test.go to server_test.go because
it's a serer test.
Update newConn and newConnBRW:
- Move the bufio "hacks" from newConnBRW to separate functions and call
these functions directly from Upgrade.
- Rename newConn to newTestConn and move to conn_test.go. Shorten
argument list to common use case.
- Rename newConnBRW to newConn.
- Add pool code to newConn.
Change the subprotocol and extension header names to match the case used
in RFC examples. Other headers names already match the case used in the
examples.
Although the headers names in the handshake are case insensitive, some
libraries expect the exact case used in the RFC examples. This change
allows the package to interoperate with those broken libraries.
- Bundle the golang.org/x/net/proxy package to x_net_proxy.go. The
package contains a SOCKS5 proxy. The package is bundled to avoid adding
a dependency from the weboscket package to golang.org/x/net.
- Restructure the existing HTTP proxy code so the code can be used as a
dialer with the proxy package.
- Modify Dialer.Dial to use proxy.FromURL.
- Improve tests (avoid modifying package-level data, use timeouts in
tests, use correct proxy URLs in tests).
Fixes#297.
Reuse the buffer backing the bufio.Writer returned from hijack if that
buffer is large enough to be generally useful and
Upgrader.WriteBufferSize == 0.
Update the logic for reusing bufio.Reader returned from hijack to match
the logic for bufio.Reader: The buffer backing the reader must be
sufficiently large to be generally useful and Upgrader.ReadBufferSize ==
0.
Improve the documentation for ReadBufferSize and WriterBufferSize in
Dialer and Upgrader.
Prior to this change, the client passed query strings from the
application to the network via the net/url#URL.Opaque field. This works,
but may not be something the authors of the net/url and net/http
packages expect. To play it safe, this change parses the query string to
the net/url#URL.RawQuery field.
- To take advantage of the Host header cleanup in the net/http
Request.Write method, use a net/http Request to write the handshake to
the wire.
- Move code from the deprecated NewClientConn function to Dialer.Dial.
This change makes it easier to add proxy support to Dialer.Dial. Add
comment noting that NewClientConn is deprecated.
- Update the code so that parseURL can be replaced with net/url Parse.
We need to wait until we can require 1.5 before making the swap.
The Dialer.Dial method returns an *http.Response on a bad handshake.
This CL updates the Dial method to include up to 1024 bytes of the
response body in the returned *http.Response. Applications may find the
response body helpful when debugging bad handshakes.
Fixes issue #62.