websocket-rack 0.1.0

data/spec/integration/draft76_spec.rb

@@ -0,0 +1,212 @@
+# require 'helper'
+# 
+# describe "WebSocket server draft76" do
+#   before :each do
+#     @request = {
+#       :port => 80,
+#       :method => "GET",
+#       :path => "/demo",
+#       :headers => {
+#         'Host' => 'example.com',
+#         'Connection' => 'Upgrade',
+#         'Sec-WebSocket-Key2' => '12998 5 Y3 1  .P00',
+#         'Sec-WebSocket-Protocol' => 'sample',
+#         'Upgrade' => 'WebSocket',
+#         'Sec-WebSocket-Key1' => '4 @1  46546xW%0l 1 5',
+#         'Origin' => 'http://example.com'
+#       },
+#       :body => '^n:ds[4U'
+#     }
+# 
+#     @response = {
+#       :headers => {
+#         "Upgrade" => "WebSocket",
+#         "Connection" => "Upgrade",
+#         "Sec-WebSocket-Location" => "ws://example.com/demo",
+#         "Sec-WebSocket-Origin" => "http://example.com",
+#         "Sec-WebSocket-Protocol" => "sample"
+#       },
+#       :body => "8jKS\'y:G*Co,Wxa-"
+#     }
+#   end
+#   
+#   it "should send back the correct handshake response" do
+#     EM.run do
+#       EM.add_timer(0.1) do
+#         EventMachine::WebSocket.start(:host => "0.0.0.0", :port => 12345) { }
+#         
+#         # Create a fake client which sends draft 76 handshake
+#         connection = EM.connect('0.0.0.0', 12345, FakeWebSocketClient)
+#         connection.send_data(format_request(@request))
+#         
+#         connection.onopen = lambda {
+#           connection.handshake_response.lines.sort.
+#             should == format_response(@response).lines.sort
+#           EM.stop
+#         }
+#       end
+#     end
+#   end
+#   
+#   it "should send closing frame back and close the connection after recieving closing frame" do
+#     EM.run do
+#       EM.add_timer(0.1) do
+#         EventMachine::WebSocket.start(:host => "0.0.0.0", :port => 12345) { }
+#   
+#         # Create a fake client which sends draft 76 handshake
+#         connection = EM.connect('0.0.0.0', 12345, FakeWebSocketClient)
+#         connection.send_data(format_request(@request))
+#   
+#         # Send closing frame after handshake complete
+#         connection.onopen = lambda {
+#           connection.send_data(EM::WebSocket::Handler76::TERMINATE_STRING)
+#         }
+#   
+#         # Check that this causes a termination string to be returned and the 
+#         # connection close
+#         connection.onclose = lambda {
+#           connection.packets[0].should == 
+#             EM::WebSocket::Handler76::TERMINATE_STRING
+#           EM.stop
+#         }
+#       end
+#     end
+#   end
+#   
+#   it "should ignore any data received after the closing frame" do
+#     EM.run do
+#       EM.add_timer(0.1) do
+#         EventMachine::WebSocket.start(:host => "0.0.0.0", :port => 12345) { |ws|
+#           # Fail if foobar message is received
+#           ws.onmessage { |msg|
+#             failed
+#           }
+#         }
+#         
+#         # Create a fake client which sends draft 76 handshake
+#         connection = EM.connect('0.0.0.0', 12345, FakeWebSocketClient)
+#         connection.send_data(format_request(@request))
+#   
+#         # Send closing frame after handshake complete, followed by another msg
+#         connection.onopen = lambda {
+#           connection.send_data(EM::WebSocket::Handler76::TERMINATE_STRING)
+#           connection.send('foobar')
+#         }
+#   
+#         connection.onclose = lambda {
+#           EM.stop
+#         }
+#       end
+#     end
+#   end
+# 
+#   it "should accept null bytes within the frame after a line return" do
+#     EM.run do
+#       EM.add_timer(0.1) do
+#         EventMachine::WebSocket.start(:host => "0.0.0.0", :port => 12345) { |ws|
+#           ws.onmessage { |msg|
+#             msg.should == "\n\000" 
+#           }
+#         }
+#   
+#         # Create a fake client which sends draft 76 handshake
+#         connection = EM.connect('0.0.0.0', 12345, FakeWebSocketClient)
+#         connection.send_data(format_request(@request))
+#   
+#         # Send closing frame after handshake complete
+#         connection.onopen = lambda {
+#           connection.send_data("\000\n\000\377")
+#           connection.send_data(EM::WebSocket::Handler76::TERMINATE_STRING)
+#         }
+#   
+#         connection.onclose = lambda {
+#           EM.stop
+#         }
+#       end
+#     end
+#   end
+# 
+#   it "should handle unreasonable frame lengths by calling onerror callback" do
+#     EM.run do
+#       EventMachine::WebSocket.start(:host => "0.0.0.0", :port => 12345) { |server|
+#         server.onerror { |error|
+#           error.should be_an_instance_of EM::WebSocket::DataError
+#           error.message.should == "Frame length too long (1180591620717411303296 bytes)"
+#           EM.stop
+#         }
+#       }
+# 
+#       # Create a fake client which sends draft 76 handshake
+#       client = EM.connect('0.0.0.0', 12345, FakeWebSocketClient)
+#       client.send_data(format_request(@request))
+# 
+#       # This particular frame indicates a message length of
+#       # 1180591620717411303296 bytes. Such a message would previously cause
+#       # a "bignum too big to convert into `long'" error.
+#       # However it is clearly unreasonable and should be rejected.
+#       client.onopen = lambda {
+#         client.send_data("\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\x00")
+#       }
+#     end
+#   end
+#   
+#   it "should handle impossible frames by calling onerror callback" do
+#     EM.run do
+#       EventMachine::WebSocket.start(:host => "0.0.0.0", :port => 12345) { |server|
+#         server.onerror { |error|
+#           error.should be_an_instance_of EM::WebSocket::DataError
+#           error.message.should == "Invalid frame received"
+#           EM.stop
+#         }
+#       }
+# 
+#       # Create a fake client which sends draft 76 handshake
+#       client = EM.connect('0.0.0.0', 12345, FakeWebSocketClient)
+#       client.send_data(format_request(@request))
+# 
+#       client.onopen = lambda {
+#         client.send_data("foobar") # Does not start with \x00 or \xff
+#       }
+#     end
+#   end
+# 
+#   it "should handle invalid http requests by raising HandshakeError passed to onerror callback" do
+#     EM.run {
+#       EventMachine::WebSocket.start(:host => "0.0.0.0", :port => 12345) { |server|
+#         server.onerror { |error|
+#           error.should be_an_instance_of EM::WebSocket::HandshakeError
+#           error.message.should == "Invalid HTTP header"
+#           EM.stop
+#         }
+#       }
+#       
+#       client = EM.connect('0.0.0.0', 12345, FakeWebSocketClient)
+#       client.send_data("This is not a HTTP header\r\n\r\n")
+#     }
+#   end
+# 
+#   it "should handle handshake request split into two TCP packets" do
+#     EM.run do
+#       EM.add_timer(0.1) do
+#         EventMachine::WebSocket.start(:host => "0.0.0.0", :port => 12345) { }
+# 
+#         # Create a fake client which sends draft 76 handshake
+#         connection = EM.connect('0.0.0.0', 12345, FakeWebSocketClient)
+#         data = format_request(@request)
+#         # Sends first half of the request
+#         connection.send_data(data[0...(data.length / 2)])
+# 
+#         connection.onopen = lambda {
+#           connection.handshake_response.lines.sort.
+#             should == format_response(@response).lines.sort
+#           EM.stop
+#         }
+# 
+#         EM.add_timer(0.1) do
+#           # Sends second half of the request
+#           connection.send_data(data[(data.length / 2)..-1])
+#         end
+#       end
+#     end
+#   end
+# end

data/spec/unit/framing_spec.rb

@@ -0,0 +1,108 @@
+require 'helper'
+
+describe Rack::WebSocket::Framing03 do
+  class FramingContainer
+    include Rack::WebSocket::Framing03
+
+    def <<(data)
+      @data << data
+      process_data(data)
+    end
+
+    def debug(*args); end
+  end
+
+  before :each do
+    @f = FramingContainer.new
+    @f.initialize_framing
+  end
+
+  describe "basic examples" do
+    it "connection close" do
+      @f.should_receive(:message).with(:close, '', '')
+      @f << 0b00000001
+      @f << 0b00000000
+    end
+
+    it "ping" do
+      @f.should_receive(:message).with(:ping, '', '')
+      @f << 0b00000010
+      @f << 0b00000000
+    end
+
+    it "pong" do
+      @f.should_receive(:message).with(:pong, '', '')
+      @f << 0b00000011
+      @f << 0b00000000
+    end
+
+    it "text" do
+      @f.should_receive(:message).with(:text, '', 'foo')
+      @f << 0b00000100
+      @f << 0b00000011
+      @f << 'foo'
+    end
+
+    it "Text in two frames" do
+      @f.should_receive(:message).with(:text, '', 'hello world')
+      @f << 0b10000100
+      @f << 0b00000110
+      @f << "hello "
+      @f << 0b00000000
+      @f << 0b00000101
+      @f << "world"
+    end
+
+    it "2 byte extended payload length text frame" do
+      data = 'a' * 256
+      @f.should_receive(:message).with(:text, '', data)
+      @f << 0b00000100 # Single frame, text
+      @f << 0b01111110 # Length 126 (so read 2 bytes)
+      @f << 0b00000001 # Two bytes in network byte order (256)
+      @f << 0b00000000
+      @f << data
+    end
+  end
+
+  # These examples are straight from the spec
+  # http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-03#section-4.6
+  describe "examples from the spec" do
+    it "a single-frame text message" do
+      @f.should_receive(:message).with(:text, '', 'Hello')
+      @f << "\x04\x05Hello"
+    end
+
+    it "a fragmented text message" do
+      @f.should_receive(:message).with(:text, '', 'Hello')
+      @f << "\x84\x03Hel"
+      @f << "\x00\x02lo"
+    end
+
+    it "Ping request and response" do
+      @f.should_receive(:message).with(:ping, '', 'Hello')
+      @f << "\x02\x05Hello"
+    end
+
+    it "256 bytes binary message in a single frame" do
+      data = "a"*256
+      @f.should_receive(:message).with(:binary, '', data)
+      @f << "\x05\x7E\x01\x00" + data
+    end
+
+    it "64KiB binary message in a single frame" do
+      data = "a"*65536
+      @f.should_receive(:message).with(:binary, '', data)
+      @f << "\x05\x7F\x00\x00\x00\x00\x00\x01\x00\x00" + data
+    end
+  end
+
+  describe "error cases" do
+    it "should raise an exception on continuation frame without preceeding more frame" do
+      lambda {
+        @f << 0b00000000 # Single frame, continuation
+        @f << 0b00000001 # Length 1
+        @f << 'f'
+      }.should raise_error(Rack::WebSocket::WebSocketError, 'Continuation frame not expected')
+    end
+  end
+end

data/spec/unit/handler_spec.rb

@@ -0,0 +1,136 @@
+require 'helper'
+
+describe "Rack::WebSocket::Handler" do
+  before :each do
+    @request = {
+      :port => 80,
+      :method => "GET",
+      :path => "/demo",
+      :headers => {
+        'Host' => 'example.com',
+        'Connection' => 'Upgrade',
+        'Sec-WebSocket-Key2' => '12998 5 Y3 1  .P00',
+        'Sec-WebSocket-Protocol' => 'sample',
+        'Upgrade' => 'WebSocket',
+        'Sec-WebSocket-Key1' => '4 @1  46546xW%0l 1 5',
+        'Origin' => 'http://example.com'
+      },
+      :body => '^n:ds[4U'
+    }
+    @secure_request = @request.merge(:port => 443)
+
+    @response = {
+      :headers => {
+        "Upgrade" => "WebSocket",
+        "Connection" => "Upgrade",
+        "Sec-WebSocket-Location" => "ws://example.com/demo",
+        "Sec-WebSocket-Origin" => "http://example.com",
+        "Sec-WebSocket-Protocol" => "sample"
+      },
+      :body => "8jKS\'y:G*Co,Wxa-"
+    }
+    @secure_response = @response.merge(:headers => @response[:headers].merge('Sec-WebSocket-Location' => "wss://example.com:443/demo"))
+  end
+
+  it "should handle good request" do
+    handler(@request).should send_handshake(@response)
+  end
+
+  it "should handle good request to secure default port if secure mode is enabled" do
+    handler(@secure_request, true).should send_handshake(@secure_response)
+  end
+
+  it "should not handle good request to secure default port if secure mode is disabled" do
+    handler(@secure_request, false).should_not send_handshake(@secure_response)
+  end
+
+  it "should handle good request on nondefault port" do
+    @request[:port] = 8081
+    @request[:headers]['Host'] = 'example.com:8081'
+    @response[:headers]['Sec-WebSocket-Location'] =
+      'ws://example.com:8081/demo'
+
+    handler(@request).should send_handshake(@response)
+  end
+
+  it "should handle good request to secure nondefault port" do
+    @secure_request[:port] = 8081
+    @secure_request[:headers]['Host'] = 'example.com:8081'
+    @secure_response[:headers]['Sec-WebSocket-Location'] = 'wss://example.com:8081/demo'
+    handler(@secure_request, true).should send_handshake(@secure_response)
+  end
+
+  it "should handle good request with no protocol" do
+    @request[:headers].delete('Sec-WebSocket-Protocol')
+    @response[:headers].delete("Sec-WebSocket-Protocol")
+
+    handler(@request).should send_handshake(@response)
+  end
+
+  it "should handle extra headers by simply ignoring them" do
+    @request[:headers]['EmptyValue'] = ""
+    @request[:headers]['AKey'] = "AValue"
+
+    handler(@request).should send_handshake(@response)
+  end
+
+  it "should raise error on HTTP request" do
+    @request[:headers] = {
+      'Host' => 'www.google.com',
+      'User-Agent' => 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB6 GTBA',
+      'Accept' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
+      'Accept-Language' => 'en-us,en;q=0.5',
+      'Accept-Encoding' => 'gzip,deflate',
+      'Accept-Charset' => 'ISO-8859-1,utf-8;q=0.7,*;q=0.7',
+      'Keep-Alive' => '300',
+      'Connection' => 'keep-alive',
+    }
+
+    lambda {
+      handler(@request).handshake
+    }.should raise_error(Rack::WebSocket::HandshakeError)
+  end
+
+  it "should raise error on wrong method" do
+    @request[:method] = 'POST'
+
+    lambda {
+      handler(@request).handshake
+    }.should raise_error(Rack::WebSocket::HandshakeError)
+  end
+
+  it "should raise error if upgrade header incorrect" do
+    @request[:headers]['Upgrade'] = 'NonWebSocket'
+
+    lambda {
+      handler(@request).handshake
+    }.should raise_error(Rack::WebSocket::HandshakeError)
+  end
+
+  it "should raise error if Sec-WebSocket-Protocol is empty" do
+    @request[:headers]['Sec-WebSocket-Protocol'] = ''
+
+    lambda {
+      handler(@request).handshake
+    }.should raise_error(Rack::WebSocket::HandshakeError)
+  end
+
+  %w[Sec-WebSocket-Key1 Sec-WebSocket-Key2].each do |header|
+    it "should raise error if #{header} has zero spaces" do
+      @request[:headers][header] = 'nospaces'
+
+      lambda {
+        handler(@request).handshake
+      }.should raise_error(Rack::WebSocket::HandshakeError, 'Websocket Key1 or Key2 does not contain spaces - this is a symptom of a cross-protocol attack')
+    end
+  end
+  
+  it "should raise error if spaces do not divide numbers in Sec-WebSocket-Key* " do
+    @request[:headers]['Sec-WebSocket-Key2'] = '12998 5 Y3 1.P00'
+
+    lambda {
+      handler(@request).handshake
+    }.should raise_error(Rack::WebSocket::HandshakeError, 'Invalid Key "12998 5 Y3 1.P00"')
+  end
+
+end