From 77d2f9c4ef5ae5070123cee4bca9870ff5f4c5fa Mon Sep 17 00:00:00 2001 From: Norman Maurer Date: Sun, 22 Apr 2012 12:56:37 +0200 Subject: [PATCH] Upgrade and Connection header must be matched in a case-insensitive manner in WebSocket 08 and 13. See #278 --- .../http/websocketx/WebSocketClientHandshaker08.java | 10 +++++++--- .../http/websocketx/WebSocketClientHandshaker13.java | 8 ++++++-- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketClientHandshaker08.java b/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketClientHandshaker08.java index d22fc965fa..4e8f24598d 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketClientHandshaker08.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketClientHandshaker08.java @@ -181,17 +181,21 @@ public class WebSocketClientHandshaker08 extends WebSocketClientHandshaker { } String upgrade = response.getHeader(Names.UPGRADE); - if (upgrade == null || !upgrade.equals(Values.WEBSOCKET.toLowerCase())) { + // Upgrade header should be matched case-insensitive. + // See https://github.com/netty/netty/issues/278 + if (upgrade == null || !upgrade.toLowerCase().equals(Values.WEBSOCKET.toLowerCase())) { throw new WebSocketHandshakeException("Invalid handshake response upgrade: " + response.getHeader(Names.UPGRADE)); } + // Connection header should be matched case-insensitive. + // See https://github.com/netty/netty/issues/278 String connection = response.getHeader(Names.CONNECTION); - if (connection == null || !connection.equals(Values.UPGRADE)) { + if (connection == null || !connection.toLowerCase().equals(Values.UPGRADE.toLowerCase())) { throw new WebSocketHandshakeException("Invalid handshake response connection: " + response.getHeader(Names.CONNECTION)); } - + String accept = response.getHeader(Names.SEC_WEBSOCKET_ACCEPT); if (accept == null || !accept.equals(expectedChallengeResponseString)) { throw new WebSocketHandshakeException(String.format("Invalid challenge. Actual: %s. Expected: %s", accept, diff --git a/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketClientHandshaker13.java b/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketClientHandshaker13.java index cce6f55265..6d2348b4ae 100644 --- a/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketClientHandshaker13.java +++ b/codec-http/src/main/java/io/netty/handler/codec/http/websocketx/WebSocketClientHandshaker13.java @@ -178,13 +178,17 @@ public class WebSocketClientHandshaker13 extends WebSocketClientHandshaker { } String upgrade = response.getHeader(Names.UPGRADE); - if (upgrade == null || !upgrade.equals(Values.WEBSOCKET.toLowerCase())) { + // Upgrade header should be matched case-insensitive. + // See https://github.com/netty/netty/issues/278 + if (upgrade == null || !upgrade.toLowerCase().equals(Values.WEBSOCKET.toLowerCase())) { throw new WebSocketHandshakeException("Invalid handshake response upgrade: " + response.getHeader(Names.UPGRADE)); } + // Connection header should be matched case-insensitive. + // See https://github.com/netty/netty/issues/278 String connection = response.getHeader(Names.CONNECTION); - if (connection == null || !connection.equals(Values.UPGRADE)) { + if (connection == null || !connection.toLowerCase().equals(Values.UPGRADE.toLowerCase())) { throw new WebSocketHandshakeException("Invalid handshake response connection: " + response.getHeader(Names.CONNECTION)); }