From ea22c846b285ee4f71efc0fc050a4759880433a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jorma=20T=C3=A4htinen?= <Jorma.Tahtinen@digia.com>
Date: Wed, 6 Aug 2014 16:12:54 +0300
Subject: [PATCH] Fix QWebSocketServer for clients preferring lowercase http
headers.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
QWebSocketServer should not use case-sensitive compare to validate
http headers for incoming connections.
Change-Id: Ie7b8a9f6ca1a0b547eb7a924f6392395f812b0e3
Task-number: QTBUG-40615
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
---
src/websockets/qwebsockethandshakerequest.cpp | 18 +++++++++---------
.../handshakerequest/tst_handshakerequest.cpp | 10 +++++-----
2 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/src/websockets/qwebsockethandshakerequest.cpp b/src/websockets/qwebsockethandshakerequest.cpp
index c71984f6..2476a818 100644
--- a/src/websockets/qwebsockethandshakerequest.cpp
+++ b/src/websockets/qwebsockethandshakerequest.cpp
@@ -218,11 +218,11 @@ void QWebSocketHandshakeRequest::readHandshake(QTextStream &textStream)
clear();
return;
}
- m_headers.insertMulti(headerField.at(0), headerField.at(1));
+ m_headers.insertMulti(headerField.at(0).toLower(), headerField.at(1));
headerLine = textStream.readLine();
}
- const QString host = m_headers.value(QStringLiteral("Host"), QString());
+ const QString host = m_headers.value(QStringLiteral("host"), QString());
m_requestUrl = QUrl::fromEncoded(resourceName.toLatin1());
if (m_requestUrl.isRelative())
m_requestUrl.setHost(host);
@@ -231,7 +231,7 @@ void QWebSocketHandshakeRequest::readHandshake(QTextStream &textStream)
m_requestUrl.setScheme(scheme);
}
- const QStringList versionLines = m_headers.values(QStringLiteral("Sec-WebSocket-Version"));
+ const QStringList versionLines = m_headers.values(QStringLiteral("sec-websocket-version"));
for (QStringList::const_iterator v = versionLines.begin(); v != versionLines.end(); ++v) {
const QStringList versions = (*v).split(QStringLiteral(","), QString::SkipEmptyParts);
for (QStringList::const_iterator i = versions.begin(); i != versions.end(); ++i) {
@@ -248,11 +248,11 @@ void QWebSocketHandshakeRequest::readHandshake(QTextStream &textStream)
}
//sort in descending order
std::sort(m_versions.begin(), m_versions.end(), std::greater<QWebSocketProtocol::Version>());
- m_key = m_headers.value(QStringLiteral("Sec-WebSocket-Key"), QString());
+ m_key = m_headers.value(QStringLiteral("sec-websocket-key"), QString());
//must contain "Upgrade", case-insensitive
- const QString upgrade = m_headers.value(QStringLiteral("Upgrade"), QString());
+ const QString upgrade = m_headers.value(QStringLiteral("upgrade"), QString());
//must be equal to "websocket", case-insensitive
- const QString connection = m_headers.value(QStringLiteral("Connection"), QString());
+ const QString connection = m_headers.value(QStringLiteral("connection"), QString());
const QStringList connectionLine = connection.split(QStringLiteral(","),
QString::SkipEmptyParts);
QStringList connectionValues;
@@ -260,14 +260,14 @@ void QWebSocketHandshakeRequest::readHandshake(QTextStream &textStream)
connectionValues << (*c).trimmed();
//optional headers
- m_origin = m_headers.value(QStringLiteral("Sec-WebSocket-Origin"), QString());
- const QStringList protocolLines = m_headers.values(QStringLiteral("Sec-WebSocket-Protocol"));
+ m_origin = m_headers.value(QStringLiteral("sec-websocket-origin"), QString());
+ const QStringList protocolLines = m_headers.values(QStringLiteral("sec-websocket-protocol"));
for (QStringList::const_iterator pl = protocolLines.begin(); pl != protocolLines.end(); ++pl) {
QStringList protocols = (*pl).split(QStringLiteral(","), QString::SkipEmptyParts);
for (QStringList::const_iterator p = protocols.begin(); p != protocols.end(); ++p)
m_protocols << (*p).trimmed();
}
- const QStringList extensionLines = m_headers.values(QStringLiteral("Sec-WebSocket-Extensions"));
+ const QStringList extensionLines = m_headers.values(QStringLiteral("sec-websocket-extensions"));
for (QStringList::const_iterator el = extensionLines.begin();
el != extensionLines.end(); ++el) {
QStringList extensions = (*el).split(QStringLiteral(","), QString::SkipEmptyParts);
diff --git a/tests/auto/handshakerequest/tst_handshakerequest.cpp b/tests/auto/handshakerequest/tst_handshakerequest.cpp
index 6e26af48..3e6ec40e 100644
--- a/tests/auto/handshakerequest/tst_handshakerequest.cpp
+++ b/tests/auto/handshakerequest/tst_handshakerequest.cpp
@@ -275,11 +275,11 @@ void tst_HandshakeRequest::tst_multipleVersions()
QCOMPARE(request.extensions().length(), 0);
QCOMPARE(request.protocols().length(), 0);
QCOMPARE(request.headers().size(), 5);
- QVERIFY(request.headers().contains(QStringLiteral("Host")));
- QVERIFY(request.headers().contains(QStringLiteral("Sec-WebSocket-Version")));
- QVERIFY(request.headers().contains(QStringLiteral("Sec-WebSocket-Key")));
- QVERIFY(request.headers().contains(QStringLiteral("Upgrade")));
- QVERIFY(request.headers().contains(QStringLiteral("Connection")));
+ QVERIFY(request.headers().contains(QStringLiteral("host")));
+ QVERIFY(request.headers().contains(QStringLiteral("sec-websocket-version")));
+ QVERIFY(request.headers().contains(QStringLiteral("sec-websocket-key")));
+ QVERIFY(request.headers().contains(QStringLiteral("upgrade")));
+ QVERIFY(request.headers().contains(QStringLiteral("connection")));
QCOMPARE(request.key(), QStringLiteral("AVDFBDDFF"));
QCOMPARE(request.origin().length(), 0);
QCOMPARE(request.requestUrl(), QUrl("ws://foo.com/test"));
--
GitLab