diff options
author | Loïc Hoguin <[email protected]> | 2018-03-05 15:45:38 +0100 |
---|---|---|
committer | Loïc Hoguin <[email protected]> | 2018-03-05 15:50:47 +0100 |
commit | 8b9f9f086691d154d6822c013a7f162a9726e390 (patch) | |
tree | 412b99c08c296ab288c7ee1667b3ca68e284afcf /src/cow_http_hd.erl | |
parent | ecfcaa12fb2f1aa1226e9329e96cb4ecedbc1bc3 (diff) | |
download | cowlib-8b9f9f086691d154d6822c013a7f162a9726e390.tar.gz cowlib-8b9f9f086691d154d6822c013a7f162a9726e390.tar.bz2 cowlib-8b9f9f086691d154d6822c013a7f162a9726e390.zip |
The Websocket subprotocol tokens are case sensitive
As clarified in https://tools.ietf.org/html/rfc7936 the IANA
registry only accepts case insensitive values for clarity's
sake but the actual tokens are case sensitive.
Diffstat (limited to 'src/cow_http_hd.erl')
-rw-r--r-- | src/cow_http_hd.erl | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/src/cow_http_hd.erl b/src/cow_http_hd.erl index 08c392b..7ff2112 100644 --- a/src/cow_http_hd.erl +++ b/src/cow_http_hd.erl @@ -2624,12 +2624,13 @@ parse_sec_websocket_key(SecWebSocketKey) -> -spec parse_sec_websocket_protocol_req(binary()) -> [binary()]. parse_sec_websocket_protocol_req(SecWebSocketProtocol) -> - nonempty(token_ci_list(SecWebSocketProtocol, [])). + nonempty(token_list(SecWebSocketProtocol, [])). -ifdef(TEST). parse_sec_websocket_protocol_req_test_() -> Tests = [ - {<<"chat, superchat">>, [<<"chat">>, <<"superchat">>]} + {<<"chat, superchat">>, [<<"chat">>, <<"superchat">>]}, + {<<"Chat, SuperChat">>, [<<"Chat">>, <<"SuperChat">>]} ], [{V, fun() -> R = parse_sec_websocket_protocol_req(V) end} || {V, R} <- Tests]. @@ -2649,23 +2650,21 @@ horse_parse_sec_websocket_protocol_req() -> %% @doc Parse the Sec-Websocket-Protocol response header. -spec parse_sec_websocket_protocol_resp(binary()) -> binary(). -parse_sec_websocket_protocol_resp(<< C, R/bits >>) when ?IS_TOKEN(C) -> - ?LOWER(token_ci, R, <<>>). - -token_ci(<<>>, T) -> T; -token_ci(<< C, R/bits >>, T) when ?IS_TOKEN(C) -> - ?LOWER(token_ci, R, T). +parse_sec_websocket_protocol_resp(Protocol) -> + true = <<>> =/= Protocol, + ok = validate_token(Protocol), + Protocol. -ifdef(TEST). prop_parse_sec_websocket_protocol_resp() -> ?FORALL(T, token(), - ?LOWER(T) =:= parse_sec_websocket_protocol_resp(T)). + T =:= parse_sec_websocket_protocol_resp(T)). parse_sec_websocket_protocol_resp_test_() -> Tests = [ {<<"chat">>, <<"chat">>}, - {<<"CHAT">>, <<"chat">>} + {<<"CHAT">>, <<"CHAT">>} ], [{V, fun() -> R = parse_sec_websocket_protocol_resp(V) end} || {V, R} <- Tests]. |