Camel-case headers in handshake response only. Lower-case headers are not accepted.
Issue #5
resolved
Some servers (e.g. Netty) are sending lower-case headers in web-socket handshake response.
But eu.luminis.websocket.WebSocketClient.checkServerResponse(InputStream, String) is checking only for CamelCase headers.
For me it worked like the following:
if ((!"websocket".equals(getLowerCase((String) serverHeaders.get("Upgrade"))))
&& (!"websocket".equals(getLowerCase((String) serverHeaders.get("upgrade"))))) {
throw new HttpUpgradeException("Server response should contain 'Upgrade' header with value 'websocket'");
}
if ((!"upgrade".equals(getLowerCase((String) serverHeaders.get("Connection"))))
&& (!"upgrade".equals(getLowerCase((String) serverHeaders.get("connection"))))) {
throw new HttpUpgradeException("Server response should contain 'Connection' header with value 'Upgrade'");
}
if ((!serverHeaders.containsKey("Sec-WebSocket-Accept"))
&& (!serverHeaders.containsKey("sec-websocket-accept"))) {
throw new HttpUpgradeException("Server response should contain 'Sec-WebSocket-Accept' header");
}
and
if ((!expectedAcceptHeaderValue.equals(serverHeaders.get("Sec-WebSocket-Accept")))
&& (!expectedAcceptHeaderValue.equals(serverHeaders.get("sec-websocket-accept")))) {
throw new HttpUpgradeException("Server response header 'Sec-WebSocket-Accept' has incorrect value.");
}
But there should be some "ignore-case" solution.
Comments (3)
-
repo owner -
repo owner - changed status to resolved
Fix committed; will be in next release (0.7). If you like you can pull the fix and verify it's working correctly now.
-
reporter Thanks a lot, Peter. Works fine for me on latest revision.
- Log in to comment
Thanks for reporting this issue. It surprised me, because the specification seems to mandate "Upgrade" (see https://tools.ietf.org/html/rfc2616#section-14.42), but after some more digging i found this remark in https://tools.ietf.org/html/rfc2616#section-4.2: "Field names are case-insensitive.". ;-( So i guess you're right: there should be a proper "ignore-case" solution.