Sec-WebSocket-Protocol should only return a single value

Anonymous avatarAnonymous created an issue

I noticed this while trying to make noVNC with with gevent-websocket (instead of the websocket implementation shipped with noVNC).

If a client sends "Sec-WebSocket-Protocol: binary, base64" (or sends single values, multiple times for that header), the server must, according to the RFC, only respond with a single value - in this case, most logically "binary".

This bug is causing the noVNC client to see a response of "Sec-WebSocket-Protocol: binary, base64", and interpret that as the server having not chosen a sub-protocol. The noVNC client then proceeds to use base64, which fails, since gevent-websocket does not implement that (although noVNC's websocket server does - maybe we could also support base64?)

Comments (1)

  1. Log in to comment
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.