1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/server/web_socket.h"
7 #include "base/base64.h"
8 #include "base/logging.h"
10 #include "base/sha1.h"
11 #include "base/strings/string_number_conversions.h"
12 #include "base/strings/stringprintf.h"
13 #include "base/sys_byteorder.h"
14 #include "net/server/http_connection.h"
15 #include "net/server/http_server.h"
16 #include "net/server/http_server_request_info.h"
17 #include "net/server/http_server_response_info.h"
18 #include "net/server/web_socket_encoder.h"
24 static uint32
WebSocketKeyFingerprint(const std::string
& str
) {
26 const char* p_char
= str
.c_str();
27 int length
= str
.length();
29 for (int i
= 0; i
< length
; ++i
) {
30 if (p_char
[i
] >= '0' && p_char
[i
] <= '9')
31 result
.append(&p_char
[i
], 1);
32 else if (p_char
[i
] == ' ')
38 if (!base::StringToInt64(result
, &number
))
40 return base::HostToNet32(static_cast<uint32
>(number
/ spaces
));
43 class WebSocketHixie76
: public WebSocket
{
45 static WebSocket
* Create(HttpServer
* server
,
46 HttpConnection
* connection
,
47 const HttpServerRequestInfo
& request
,
49 if (connection
->read_buf()->GetSize() <
50 static_cast<int>(*pos
+ kWebSocketHandshakeBodyLen
))
52 return new WebSocketHixie76(server
, connection
, request
, pos
);
55 void Accept(const HttpServerRequestInfo
& request
) override
{
56 std::string key1
= request
.GetHeaderValue("sec-websocket-key1");
57 std::string key2
= request
.GetHeaderValue("sec-websocket-key2");
59 uint32 fp1
= WebSocketKeyFingerprint(key1
);
60 uint32 fp2
= WebSocketKeyFingerprint(key2
);
63 memcpy(data
, &fp1
, 4);
64 memcpy(data
+ 4, &fp2
, 4);
65 memcpy(data
+ 8, &key3_
[0], 8);
67 base::MD5Digest digest
;
68 base::MD5Sum(data
, 16, &digest
);
70 std::string origin
= request
.GetHeaderValue("origin");
71 std::string host
= request
.GetHeaderValue("host");
72 std::string location
= "ws://" + host
+ request
.path
;
75 base::StringPrintf("HTTP/1.1 101 WebSocket Protocol Handshake\r\n"
76 "Upgrade: WebSocket\r\n"
77 "Connection: Upgrade\r\n"
78 "Sec-WebSocket-Origin: %s\r\n"
79 "Sec-WebSocket-Location: %s\r\n"
83 server_
->SendRaw(connection_
->id(),
84 std::string(reinterpret_cast<char*>(digest
.a
), 16));
87 ParseResult
Read(std::string
* message
) override
{
89 HttpConnection::ReadIOBuffer
* read_buf
= connection_
->read_buf();
90 if (read_buf
->StartOfBuffer()[0])
93 base::StringPiece
data(read_buf
->StartOfBuffer(), read_buf
->GetSize());
94 size_t pos
= data
.find('\377', 1);
95 if (pos
== base::StringPiece::npos
)
96 return FRAME_INCOMPLETE
;
98 message
->assign(data
.data() + 1, pos
- 1);
99 read_buf
->DidConsume(pos
+ 1);
104 void Send(const std::string
& message
) override
{
105 char message_start
= 0;
106 char message_end
= -1;
107 server_
->SendRaw(connection_
->id(), std::string(1, message_start
));
108 server_
->SendRaw(connection_
->id(), message
);
109 server_
->SendRaw(connection_
->id(), std::string(1, message_end
));
113 static const int kWebSocketHandshakeBodyLen
;
115 WebSocketHixie76(HttpServer
* server
,
116 HttpConnection
* connection
,
117 const HttpServerRequestInfo
& request
,
119 : WebSocket(server
, connection
) {
120 std::string key1
= request
.GetHeaderValue("sec-websocket-key1");
121 std::string key2
= request
.GetHeaderValue("sec-websocket-key2");
124 server
->SendResponse(
126 HttpServerResponseInfo::CreateFor500(
127 "Invalid request format. Sec-WebSocket-Key1 is empty or isn't "
133 server
->SendResponse(
135 HttpServerResponseInfo::CreateFor500(
136 "Invalid request format. Sec-WebSocket-Key2 is empty or isn't "
141 key3_
.assign(connection
->read_buf()->StartOfBuffer() + *pos
,
142 kWebSocketHandshakeBodyLen
);
143 *pos
+= kWebSocketHandshakeBodyLen
;
148 DISALLOW_COPY_AND_ASSIGN(WebSocketHixie76
);
151 const int WebSocketHixie76::kWebSocketHandshakeBodyLen
= 8;
153 class WebSocketHybi17
: public WebSocket
{
155 static WebSocket
* Create(HttpServer
* server
,
156 HttpConnection
* connection
,
157 const HttpServerRequestInfo
& request
,
159 std::string version
= request
.GetHeaderValue("sec-websocket-version");
160 if (version
!= "8" && version
!= "13")
163 std::string key
= request
.GetHeaderValue("sec-websocket-key");
165 server
->SendResponse(
167 HttpServerResponseInfo::CreateFor500(
168 "Invalid request format. Sec-WebSocket-Key is empty or isn't "
172 return new WebSocketHybi17(server
, connection
, request
, pos
);
175 void Accept(const HttpServerRequestInfo
& request
) override
{
176 static const char* const kWebSocketGuid
=
177 "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
178 std::string key
= request
.GetHeaderValue("sec-websocket-key");
179 std::string data
= base::StringPrintf("%s%s", key
.c_str(), kWebSocketGuid
);
180 std::string encoded_hash
;
181 base::Base64Encode(base::SHA1HashString(data
), &encoded_hash
);
183 server_
->SendRaw(connection_
->id(),
185 "HTTP/1.1 101 WebSocket Protocol Handshake\r\n"
186 "Upgrade: WebSocket\r\n"
187 "Connection: Upgrade\r\n"
188 "Sec-WebSocket-Accept: %s\r\n"
191 encoded_hash
.c_str(), response_extensions_
.c_str()));
194 ParseResult
Read(std::string
* message
) override
{
195 HttpConnection::ReadIOBuffer
* read_buf
= connection_
->read_buf();
196 base::StringPiece
frame(read_buf
->StartOfBuffer(), read_buf
->GetSize());
197 int bytes_consumed
= 0;
198 ParseResult result
= encoder_
->DecodeFrame(frame
, &bytes_consumed
, message
);
199 if (result
== FRAME_OK
)
200 read_buf
->DidConsume(bytes_consumed
);
201 if (result
== FRAME_CLOSE
)
206 void Send(const std::string
& message
) override
{
210 encoder_
->EncodeFrame(message
, 0, &encoded
);
211 server_
->SendRaw(connection_
->id(), encoded
);
215 WebSocketHybi17(HttpServer
* server
,
216 HttpConnection
* connection
,
217 const HttpServerRequestInfo
& request
,
219 : WebSocket(server
, connection
),
221 std::string request_extensions
=
222 request
.GetHeaderValue("sec-websocket-extensions");
223 encoder_
.reset(WebSocketEncoder::CreateServer(request_extensions
,
224 &response_extensions_
));
225 if (!response_extensions_
.empty()) {
226 response_extensions_
=
227 "Sec-WebSocket-Extensions: " + response_extensions_
+ "\r\n";
231 scoped_ptr
<WebSocketEncoder
> encoder_
;
232 std::string response_extensions_
;
235 DISALLOW_COPY_AND_ASSIGN(WebSocketHybi17
);
238 } // anonymous namespace
240 WebSocket
* WebSocket::CreateWebSocket(HttpServer
* server
,
241 HttpConnection
* connection
,
242 const HttpServerRequestInfo
& request
,
244 WebSocket
* socket
= WebSocketHybi17::Create(server
, connection
, request
, pos
);
248 return WebSocketHixie76::Create(server
, connection
, request
, pos
);
251 WebSocket::WebSocket(HttpServer
* server
, HttpConnection
* connection
)
253 connection_(connection
) {
256 WebSocket::~WebSocket() {