distinguish Upgrader.Upgrade from Upgrade

This commit is contained in:
fuzzybear3965 2017-07-07 14:47:14 -04:00
parent ea4d1f681b
commit 1d375d5a0d
2 changed files with 18 additions and 10 deletions

18
doc.go
View File

@ -6,9 +6,9 @@
// //
// Overview // Overview
// //
// The Conn type represents a WebSocket connection. A server application uses // The Conn type represents a WebSocket connection. Within the context of an
// the Upgrade function from an Upgrader object with a HTTP request handler // HTTP request handler, a server application calls the Upgrade method of an
// to get a pointer to a Conn: // Upgrader instance obtaining a pointer to a Conn:
// //
// var upgrader = websocket.Upgrader{ // var upgrader = websocket.Upgrader{
// ReadBufferSize: 1024, // ReadBufferSize: 1024,
@ -147,9 +147,15 @@
// CheckOrigin: func(r *http.Request) bool { return true }, // CheckOrigin: func(r *http.Request) bool { return true },
// } // }
// //
// The deprecated Upgrade function does not enforce an origin policy. It's the // We recommend the upgrader.Upgrade method to perform an upgrade
// application's responsibility to check the Origin header before calling // from an HTTP connection to a websocket connection. This method performs
// Upgrade. // origin policy checking using the CheckOrigin field associated with the
// Upgrader instance.
//
// By contrast, the deprecated package-level Upgrade function
// does not perform origin checking. In this case is the application's
// responsibility to manually check the Origin header before calling the
// package-level Upgrade function.
// //
// Compression EXPERIMENTAL // Compression EXPERIMENTAL
// //

View File

@ -228,12 +228,14 @@ func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeade
return c, nil return c, nil
} }
// DEPRECATED - use websocket.Upgrader instead.
//
// Upgrade upgrades the HTTP server connection to the WebSocket protocol. // Upgrade upgrades the HTTP server connection to the WebSocket protocol.
// //
// This function is deprecated, use websocket.Upgrader instead. // Note that the application is responsible for checking the request origin
// // before calling Upgrade. This is not done automatically as with the use of the
// The application is responsible for checking the request origin before // Upgrader.Upgrade method. An example implementation of the same origin policy
// calling Upgrade. An example implementation of the same origin policy is: // check is:
// //
// if req.Header.Get("Origin") != "http://"+req.Host { // if req.Header.Get("Origin") != "http://"+req.Host {
// http.Error(w, "Origin not allowed", 403) // http.Error(w, "Origin not allowed", 403)