IETF Logo Mail Archive

Re: [hybi] Revised WebSocket Feedback

Takeshi Yoshino <tyoshino@google.com> Mon, 15 March 2010 09:31 UTC

Return-Path: <tyoshino@google.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7ED8E3A68DC for <hybi@core3.amsl.com>; Mon, 15 Mar 2010 02:31:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.776
X-Spam-Level:
X-Spam-Status: No, score=-102.776 tagged_above=-999 required=5 tests=[BAYES_50=0.001, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, J_CHICKENPOX_34=0.6, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GPm8uJRvA3sm for <hybi@core3.amsl.com>; Mon, 15 Mar 2010 02:31:34 -0700 (PDT)
Received: from smtp-out.google.com (smtp-out.google.com [216.239.33.17]) by core3.amsl.com (Postfix) with ESMTP id 37DBB3A6934 for <hybi@ietf.org>; Mon, 15 Mar 2010 02:30:54 -0700 (PDT)
Received: from kpbe11.cbf.corp.google.com (kpbe11.cbf.corp.google.com [172.25.105.75]) by smtp-out.google.com with ESMTP id o2F9UxU2027592 for <hybi@ietf.org>; Mon, 15 Mar 2010 09:31:00 GMT
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1268645460; bh=UGKjzXQg2niKGXtkKy5RkwHBouM=; h=MIME-Version:In-Reply-To:References:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=kIKLv1MU+gbDaNKICED6Vxr9wtOEMxaN4W8nnHGduZZFK05kOUl2ZGisCM4GUHChC 7p81wcf/Ll0UbJTi0Y2IQ==
DomainKey-Signature: a=rsa-sha1; s=beta; d=google.com; c=nofws; q=dns; h=mime-version:in-reply-to:references:from:date:message-id: subject:to:cc:content-type:x-system-of-record; b=A/qLlKaIgROqDA6RDRqywwjLSk7FCM87mNVpkU7Uqrwx6IcjHM5dVbdGedHWYE1IE nxjgG8OE8J1WPEni8R+Ag==
Received: from gyg8 (gyg8.prod.google.com [10.243.50.136]) by kpbe11.cbf.corp.google.com with ESMTP id o2F9UwTp005276 for <hybi@ietf.org>; Mon, 15 Mar 2010 04:30:58 -0500
Received: by gyg8 with SMTP id 8so1726341gyg.33 for <hybi@ietf.org>; Mon, 15 Mar 2010 02:30:58 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.91.164.5 with SMTP id r5mr1975327ago.95.1268645458230; Mon, 15 Mar 2010 02:30:58 -0700 (PDT)
In-Reply-To: <B578CFED7FE85644A170F4F7C9D52692019544C5@ESESSCMS0361.eemea.ericsson.se>
References: <Acq+3K7V2larVGEjRiejqmwvDfLl8A==> <B578CFED7FE85644A170F4F7C9D52692019544C5@ESESSCMS0361.eemea.ericsson.se>
From: Takeshi Yoshino <tyoshino@google.com>
Date: Mon, 15 Mar 2010 18:30:38 +0900
Message-ID: <3d5f2a811003150230sdeb4f78hbdece96e5c742cfc@mail.gmail.com>
To: Vladimir Katardjiev <vladimir.katardjiev@ericsson.com>
Content-Type: multipart/alternative; boundary="0016e640d430e23ea00481d38951"
X-System-Of-Record: true
Cc: "hybi@ietf.org" <hybi@ietf.org>
Subject: Re: [hybi] Revised WebSocket Feedback
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Mar 2010 09:31:35 -0000

Hi,

2010/3/9 Vladimir Katardjiev <vladimir.katardjiev@ericsson.com>

> Heya,
>
> So, after some implementation work it's time to channel some responses.
>
> First, a copy/paste error. Page 31 seems to be missing Sec-WebSocket-Key2.
>
> Same page, you probably meant | instead of " in
>
>        (such as |Cookie")
>
> Also, this might be just my reading comprehension, but the following
> paragraph caused a double-take
>
>        if a server assumes that its clients are authorized
>      on the basis that they can connect [...] then the server
>      should also verify that the client's handshake includes the
>      invariant "Upgrade" and "Connection" parts of the handshake, and
>      should send the server's handshake before changing any user data.
>
> Checking Upgrade and Connection is redundant if Sec-WebSocket-* are present
> from a browser PoV;that was the point of them, no? Furthermore, it is not
> evident that by /sending/ a reply you're preventing cross-protocol attacks.
> I guess you meant by reading the client's handshake (which just happens to
> be a part of the "sending reply" section).
>
> Right, time to graduate from reading comprehension into actual questions.
> The big addition obviously Sec-WebSocket-Key1/2. Are there any fundamental
> limitations on where spaces can and should occur in the header? According to
> my interpretation as it stands, the following string is a perfectly valid
> key: "    4abcd". Is this intended? And, if so, can the leading (or
> trailing, if so inclined) spaces cause issues when parsing by
> proxies/existing stacks?
>
>
E.g. when /number_1/ is set to 0, /key_1/ will be "0" regardless of
/spaces_1/. Then, in step 21, we have to insert /spaces_1/ spaces into this
string with a length of 1. This is problematic since the only possible
positions for the first insertion are the head and tail of the target
string.

I agree that we should avoid putting spaces on the tail or the head (at
least putting a space for this algorithm on the head must be prohibited).
How about swapping step 21 and 22?


> Also, I must've missed the big discussion, but what's the rationale of
> having two key headers. One I can buy, but since it should already be
> impossible to create a Sec-* header from a browser, AND it is impossible to
> add spaces to the header value, AND it is a GET with a body, it's already
> triple impossible (impossibler? impossiblest?) for XHR/CORS to forge. If
> someone has a handy link to where this suggestion was born it'd be
> appreciated, because this seems like quite a bit of computation involved.
>
> The junk characters in the handshake also seem redundant. If you already
> need to verify the correct number of spaces this means you are checking for
> spaces already. As for the garbage characters, all they made me do was
> replace("[^0-9]", '') instead of replace(' ', '') so I'd say they didn't
> alter the functionality of my code other than take up more CPU cycles.
>
> The closing handshake is also interesting. Maybe state in 5.3. that the
> server shouldn't disconnect on 0xFF (instead of may; it still may, but is
> discouraged from doing so since it may cause data loss. If the target
> audience really is the kind of programmer you need to verify their code by
> actually ensuring they read the spaces, then make the default level of the
> protocol ensure data integrity, because that's what they'll see in the lab
> network).
>
> Finally, and probably my smallest serious gripe, but what's up with the mix
> of references to ASCII and UTF-8 as characters. It is all technically
> correct, to nobody's surprise, but it's distracting to read. I hope it's
> just a transitional thing and it'll eventually be UTF-8 throughout but it
> was just too boring to do it all at once.
>
> Cheers,
> Vladimir
>
> PS, some notes that border on the psychopathic crazy programmer in a dark
> dungeon mindset. These can be safely ignored.
>
> Page 20:  EXAMPLE: For example
>
> Acknowledgement: OK!
>
> Page 22: -> If the byte is 0x3A (ASCII :)
>
> The internet has damaged me so badly this was a smiley face.
> _______________________________________________
> hybi mailing list
> hybi@ietf.org
> https://www.ietf.org/mailman/listinfo/hybi
>

v2.23.0 | Report a Bug | By Email