IETF Logo Mail Archive

Re: [hybi] WebSocket subprotocol parameters

Tobias Oberstein <tobias.oberstein@tavendo.de> Fri, 17 January 2014 13:01 UTC

Return-Path: <tobias.oberstein@tavendo.de>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 387E91AE0AD for <hybi@ietfa.amsl.com>; Fri, 17 Jan 2014 05:01:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cn3sys6WHGLO for <hybi@ietfa.amsl.com>; Fri, 17 Jan 2014 05:01:20 -0800 (PST)
Received: from EXHUB020-4.exch020.serverdata.net (exhub020-4.exch020.serverdata.net [206.225.164.31]) by ietfa.amsl.com (Postfix) with ESMTP id E679B1AE0A6 for <hybi@ietf.org>; Fri, 17 Jan 2014 05:01:19 -0800 (PST)
Received: from EXVMBX020-12.exch020.serverdata.net ([169.254.3.11]) by EXHUB020-4.exch020.serverdata.net ([206.225.164.31]) with mapi; Fri, 17 Jan 2014 05:01:07 -0800
From: Tobias Oberstein <tobias.oberstein@tavendo.de>
To: Julian Reschke <julian.reschke@gmx.de>, "hybi@ietf.org" <hybi@ietf.org>
Date: Fri, 17 Jan 2014 05:01:05 -0800
Thread-Topic: [hybi] WebSocket subprotocol parameters
Thread-Index: Ac8TdMVAz2gO9MBiQtebOK6QNcwqsAADn3Ag
Message-ID: <634914A010D0B943A035D226786325D4446BF9949D@EXVMBX020-12.exch020.serverdata.net>
References: <634914A010D0B943A035D226786325D4446BF9948F@EXVMBX020-12.exch020.serverdata.net> <52D90F99.6080205@gmx.de>
In-Reply-To: <52D90F99.6080205@gmx.de>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: de-DE, en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [hybi] WebSocket subprotocol parameters
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi/>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jan 2014 13:01:21 -0000

> > Was there any good reason disallowing parameters for "Sec-WebSocket-
> Protocol"?
> 
> I think that was discussed and the decision was made on purpose. For details
> you'll have to visit the mailing list archives though.

I can't find it .. searching the Hybi archives is a pain ..

> 
> > If not, could this be fixed via errata for RFC6455?
> 
> Um, no. This is not a bug but a change request (with the potential of breaking
> existing code).

Alright. I see.

It seems, WebKit is absolutely strict about allowed characters

https://trac.webkit.org/browser/trunk/Source/WebCore/Modules/websockets/WebSocket.cpp#L71

will only match "exactly"

https://trac.webkit.org/browser/trunk/Source/WebCore/Modules/websockets/WebSocketHandshake.cpp#L552

and, interestingly, will nevertheless escape any characters normally disallowed using Unicode escape sequences

https://trac.webkit.org/browser/trunk/Source/WebCore/Modules/websockets/WebSocket.cpp#L95

Thanks!
/Tobias

> 
> Best regards, Julian

v2.23.0 | Report a Bug | By Email