| // Copyright 2013 Gary Burd. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| package websocket |
| |
| import ( |
| "bufio" |
| "errors" |
| "net" |
| "net/http" |
| "strings" |
| ) |
| |
| // HandshakeError describes an error with the handshake from the peer. |
| type HandshakeError struct { |
| message string |
| } |
| |
| func (e HandshakeError) Error() string { return e.message } |
| |
| // Upgrade upgrades the HTTP server connection to the WebSocket protocol. |
| // |
| // The application is responsible for checking the request origin before |
| // calling Upgrade. An example implementation of the same origin policy is: |
| // |
| // if req.Header.Get("Origin") != "http://"+req.Host { |
| // http.Error(w, "Origin not allowed", 403) |
| // return |
| // } |
| // |
| // If the endpoint supports subprotocols, then the application is responsible |
| // for negotiating the protocol used on the connection. Use the Subprotocols() |
| // function to get the subprotocols requested by the client. Use the |
| // Sec-Websocket-Protocol response header to specify the subprotocol selected |
| // by the application. |
| // |
| // The responseHeader is included in the response to the client's upgrade |
| // request. Use the responseHeader to specify cookies (Set-Cookie) and the |
| // negotiated subprotocol (Sec-Websocket-Protocol). |
| // |
| // The connection buffers IO to the underlying network connection. The |
| // readBufSize and writeBufSize parameters specify the size of the buffers to |
| // use. Messages can be larger than the buffers. |
| // |
| // If the request is not a valid WebSocket handshake, then Upgrade returns an |
| // error of type HandshakeError. Applications should handle this error by |
| // replying to the client with an HTTP error response. |
| func Upgrade(w http.ResponseWriter, r *http.Request, responseHeader http.Header, readBufSize, writeBufSize int) (*Conn, error) { |
| |
| if values := r.Header["Sec-Websocket-Version"]; len(values) == 0 || values[0] != "13" { |
| return nil, HandshakeError{"websocket: version != 13"} |
| } |
| |
| if !tokenListContainsValue(r.Header, "Connection", "upgrade") { |
| return nil, HandshakeError{"websocket: connection header != upgrade"} |
| } |
| |
| if !tokenListContainsValue(r.Header, "Upgrade", "websocket") { |
| return nil, HandshakeError{"websocket: upgrade != websocket"} |
| } |
| |
| var challengeKey string |
| values := r.Header["Sec-Websocket-Key"] |
| if len(values) == 0 || values[0] == "" { |
| return nil, HandshakeError{"websocket: key missing or blank"} |
| } |
| challengeKey = values[0] |
| |
| var ( |
| netConn net.Conn |
| br *bufio.Reader |
| err error |
| ) |
| |
| h, ok := w.(http.Hijacker) |
| if !ok { |
| return nil, errors.New("websocket: response does not implement http.Hijacker") |
| } |
| var rw *bufio.ReadWriter |
| netConn, rw, err = h.Hijack() |
| br = rw.Reader |
| |
| if br.Buffered() > 0 { |
| netConn.Close() |
| return nil, errors.New("websocket: client sent data before handshake is complete") |
| } |
| |
| c := newConn(netConn, true, readBufSize, writeBufSize) |
| if responseHeader != nil { |
| c.subprotocol = responseHeader.Get("Sec-Websocket-Protocol") |
| } |
| |
| p := c.writeBuf[:0] |
| p = append(p, "HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: "...) |
| p = append(p, computeAcceptKey(challengeKey)...) |
| p = append(p, "\r\n"...) |
| for k, vs := range responseHeader { |
| for _, v := range vs { |
| p = append(p, k...) |
| p = append(p, ": "...) |
| for i := 0; i < len(v); i++ { |
| b := v[i] |
| if b <= 31 { |
| // prevent response splitting. |
| b = ' ' |
| } |
| p = append(p, b) |
| } |
| p = append(p, "\r\n"...) |
| } |
| } |
| p = append(p, "\r\n"...) |
| |
| if _, err = netConn.Write(p); err != nil { |
| netConn.Close() |
| return nil, err |
| } |
| |
| return c, nil |
| } |
| |
| // Subprotocols returns the subprotocols requested by the client in the |
| // Sec-Websocket-Protocol header. |
| func Subprotocols(r *http.Request) []string { |
| h := strings.TrimSpace(r.Header.Get("Sec-Websocket-Protocol")) |
| if h == "" { |
| return nil |
| } |
| protocols := strings.Split(h, ",") |
| for i := range protocols { |
| protocols[i] = strings.TrimSpace(protocols[i]) |
| } |
| return protocols |
| } |