websocket-driver 0.6.2-java → 0.6.3-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c901112b6c0a993b2d8ef9aefb403a35f48ece9a
4
- data.tar.gz: 4a2060e078501b09e32e25ce468572cc8510573d
3
+ metadata.gz: 7a9a3b19bd45673c1f7802c01d1108331f2c49bf
4
+ data.tar.gz: 5db37f196e48222a6544aa8313b86c276a8d7df6
5
5
  SHA512:
6
- metadata.gz: ec00c1ae96b5c0e6ffdcb3511a142e53426bbdbee00c91ce1832b77259026bf029d62cbcdbf735e2b3b955bdaefc6b0ae4bf2144438bb004ba3322ac159216a1
7
- data.tar.gz: b56f747f1de4c2876e6929a23fcea02621cb5e24679442f0623d7a0ae414da4dcc2b491ecc58c10dd955be88e77b3599649594534e144357a317c6fdea8f34da
6
+ metadata.gz: af8a11bc2a93a6863d888ae590c2114fa85851bc3fe1cd2a7449cafdb1a8c4207bf45f3879df92d08c84a2b6fc8e11705ae59bf7b4c93d717755577a1c51b052
7
+ data.tar.gz: 42bbe9765306e54553d9dc717def5f0308e04910b49fcaafa696c82a599d0b4a2edbb2bdf16cd3667f8c53935aa4f927f76a4d0fe926052b6b3f96eb83edd025
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ ### 0.6.3 / 2015-11-06
2
+
3
+ * Reject draft-76 handshakes if their Sec-WebSocket-Key headers are invalid
4
+ * Throw a more helpful error if a client is created with an invalid URL
5
+
1
6
  ### 0.6.2 / 2015-07-18
2
7
 
3
8
  * When the peer sends a close frame with no error code, emit 1000
@@ -20,7 +20,7 @@ method_websocket_mask(VALUE self,
20
20
  VALUE mask)
21
21
  {
22
22
  char *payload_s, *mask_s, *unmasked_s;
23
- int i, n;
23
+ long i, n;
24
24
  VALUE unmasked;
25
25
 
26
26
  if (mask == Qnil || RSTRING_LEN(mask) != 4) {
@@ -46,6 +46,7 @@ module WebSocket
46
46
  CloseEvent = Struct.new(:code, :reason)
47
47
 
48
48
  ProtocolError = Class.new(StandardError)
49
+ URIError = Class.new(ArgumentError)
49
50
  ConfigurationError = Class.new(ArgumentError)
50
51
 
51
52
  autoload :Client, root + '/client'
@@ -2,6 +2,8 @@ module WebSocket
2
2
  class Driver
3
3
 
4
4
  class Client < Hybi
5
+ VALID_SCHEMES = %w[ws wss]
6
+
5
7
  def self.generate_key
6
8
  Base64.strict_encode64(SecureRandom.random_bytes(16))
7
9
  end
@@ -16,7 +18,11 @@ module WebSocket
16
18
  @accept = Hybi.generate_accept(@key)
17
19
  @http = HTTP::Response.new
18
20
 
19
- uri = URI.parse(@socket.url)
21
+ uri = URI.parse(@socket.url)
22
+ unless VALID_SCHEMES.include?(uri.scheme)
23
+ raise URIError, "#{socket.url} is not a valid WebSocket URL"
24
+ end
25
+
20
26
  host = uri.host + (uri.port ? ":#{uri.port}" : '')
21
27
  path = (uri.path == '') ? '/' : uri.path
22
28
  @pathname = path + (uri.query ? '?' + uri.query : '')
@@ -38,6 +38,24 @@ module WebSocket
38
38
  private
39
39
 
40
40
  def handshake_response
41
+ env = @socket.env
42
+
43
+ key1 = env['HTTP_SEC_WEBSOCKET_KEY1']
44
+ number1 = number_from_key(key1)
45
+ spaces1 = spaces_in_key(key1)
46
+
47
+ key2 = env['HTTP_SEC_WEBSOCKET_KEY2']
48
+ number2 = number_from_key(key2)
49
+ spaces2 = spaces_in_key(key2)
50
+
51
+ if number1 % spaces1 != 0 or number2 % spaces2 != 0
52
+ emit(:error, ProtocolError.new('Client sent invalid Sec-WebSocket-Key headers'))
53
+ close
54
+ return nil
55
+ end
56
+
57
+ @key_values = [number1 / spaces1, number2 / spaces2]
58
+
41
59
  start = 'HTTP/1.1 101 WebSocket Protocol Handshake'
42
60
  headers = [start, @headers.to_s, '']
43
61
  headers.join("\r\n")
@@ -46,14 +64,8 @@ module WebSocket
46
64
  def handshake_signature
47
65
  return nil unless @body.bytesize >= BODY_SIZE
48
66
 
49
- head = @body[0...BODY_SIZE]
50
- env = @socket.env
51
- key1 = env['HTTP_SEC_WEBSOCKET_KEY1']
52
- value1 = number_from_key(key1) / spaces_in_key(key1)
53
- key2 = env['HTTP_SEC_WEBSOCKET_KEY2']
54
- value2 = number_from_key(key2) / spaces_in_key(key2)
55
-
56
- Digest::MD5.digest([value1, value2, head].pack('N2A*'))
67
+ head = @body[0...BODY_SIZE]
68
+ Digest::MD5.digest((@key_values + [head]).pack('N2A*'))
57
69
  end
58
70
 
59
71
  def send_handshake_body
@@ -7,6 +7,7 @@ module WebSocket
7
7
  def initialize(socket, options = {})
8
8
  super
9
9
  @http = HTTP::Request.new
10
+ @delegate = nil
10
11
  end
11
12
 
12
13
  def env
Binary file
metadata CHANGED
@@ -1,25 +1,25 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: websocket-driver
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.2
4
+ version: 0.6.3
5
5
  platform: java
6
6
  authors:
7
7
  - James Coglan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-07-18 00:00:00.000000000 Z
11
+ date: 2015-11-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: websocket-extensions
15
15
  version_requirements: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - '>='
17
+ - - ">="
18
18
  - !ruby/object:Gem::Version
19
19
  version: 0.1.0
20
20
  requirement: !ruby/object:Gem::Requirement
21
21
  requirements:
22
- - - '>='
22
+ - - ">="
23
23
  - !ruby/object:Gem::Version
24
24
  version: 0.1.0
25
25
  prerelease: false
@@ -28,12 +28,12 @@ dependencies:
28
28
  name: eventmachine
29
29
  version_requirements: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - '>='
31
+ - - ">="
32
32
  - !ruby/object:Gem::Version
33
33
  version: '0'
34
34
  requirement: !ruby/object:Gem::Requirement
35
35
  requirements:
36
- - - '>='
36
+ - - ">="
37
37
  - !ruby/object:Gem::Version
38
38
  version: '0'
39
39
  prerelease: false
@@ -42,12 +42,12 @@ dependencies:
42
42
  name: permessage_deflate
43
43
  version_requirements: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - '>='
45
+ - - ">="
46
46
  - !ruby/object:Gem::Version
47
47
  version: '0'
48
48
  requirement: !ruby/object:Gem::Requirement
49
49
  requirements:
50
- - - '>='
50
+ - - ">="
51
51
  - !ruby/object:Gem::Version
52
52
  version: '0'
53
53
  prerelease: false
@@ -56,12 +56,12 @@ dependencies:
56
56
  name: rake-compiler
57
57
  version_requirements: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - ~>
59
+ - - "~>"
60
60
  - !ruby/object:Gem::Version
61
61
  version: 0.8.0
62
62
  requirement: !ruby/object:Gem::Requirement
63
63
  requirements:
64
- - - ~>
64
+ - - "~>"
65
65
  - !ruby/object:Gem::Version
66
66
  version: 0.8.0
67
67
  prerelease: false
@@ -70,12 +70,12 @@ dependencies:
70
70
  name: rspec
71
71
  version_requirements: !ruby/object:Gem::Requirement
72
72
  requirements:
73
- - - '>='
73
+ - - ">="
74
74
  - !ruby/object:Gem::Version
75
75
  version: '0'
76
76
  requirement: !ruby/object:Gem::Requirement
77
77
  requirements:
78
- - - '>='
78
+ - - ">="
79
79
  - !ruby/object:Gem::Version
80
80
  version: '0'
81
81
  prerelease: false
@@ -118,20 +118,20 @@ licenses:
118
118
  metadata: {}
119
119
  post_install_message:
120
120
  rdoc_options:
121
- - --main
121
+ - "--main"
122
122
  - README.md
123
- - --markup
123
+ - "--markup"
124
124
  - markdown
125
125
  require_paths:
126
126
  - lib
127
127
  required_ruby_version: !ruby/object:Gem::Requirement
128
128
  requirements:
129
- - - '>='
129
+ - - ">="
130
130
  - !ruby/object:Gem::Version
131
131
  version: '0'
132
132
  required_rubygems_version: !ruby/object:Gem::Requirement
133
133
  requirements:
134
- - - '>='
134
+ - - ">="
135
135
  - !ruby/object:Gem::Version
136
136
  version: '0'
137
137
  requirements: []