OLD | NEW |
1 // Copyright (c) 2014, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2014, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 import 'dart:convert'; | 5 import 'dart:convert'; |
6 | 6 |
7 import 'package:http_parser/http_parser.dart'; | 7 import 'package:http_parser/http_parser.dart'; |
8 import 'package:shelf/shelf.dart'; | 8 import 'package:shelf/shelf.dart'; |
9 | 9 |
10 /// A class that exposes a handler for upgrading WebSocket requests. | 10 /// A class that exposes a handler for upgrading WebSocket requests. |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
57 // The Origin header is always set by browser connections. By filtering out | 57 // The Origin header is always set by browser connections. By filtering out |
58 // unexpected origins, we ensure that malicious JavaScript is unable to fake | 58 // unexpected origins, we ensure that malicious JavaScript is unable to fake |
59 // a WebSocket handshake. | 59 // a WebSocket handshake. |
60 var origin = request.headers['Origin']; | 60 var origin = request.headers['Origin']; |
61 if (origin != null && _allowedOrigins != null && | 61 if (origin != null && _allowedOrigins != null && |
62 !_allowedOrigins.contains(origin.toLowerCase())) { | 62 !_allowedOrigins.contains(origin.toLowerCase())) { |
63 return _forbidden('invalid origin "$origin".'); | 63 return _forbidden('invalid origin "$origin".'); |
64 } | 64 } |
65 | 65 |
66 var protocol = _chooseProtocol(request); | 66 var protocol = _chooseProtocol(request); |
67 request.hijack((stream, byteSink) { | 67 request.hijack((channel) { |
68 var sink = UTF8.encoder.startChunkedConversion(byteSink); | 68 var sink = UTF8.encoder.startChunkedConversion(channel.sink); |
69 sink.add( | 69 sink.add( |
70 "HTTP/1.1 101 Switching Protocols\r\n" | 70 "HTTP/1.1 101 Switching Protocols\r\n" |
71 "Upgrade: websocket\r\n" | 71 "Upgrade: websocket\r\n" |
72 "Connection: Upgrade\r\n" | 72 "Connection: Upgrade\r\n" |
73 "Sec-WebSocket-Accept: ${CompatibleWebSocket.signKey(key)}\r\n"); | 73 "Sec-WebSocket-Accept: ${CompatibleWebSocket.signKey(key)}\r\n"); |
74 if (protocol != null) sink.add("Sec-WebSocket-Protocol: $protocol\r\n"); | 74 if (protocol != null) sink.add("Sec-WebSocket-Protocol: $protocol\r\n"); |
75 sink.add("\r\n"); | 75 sink.add("\r\n"); |
76 | 76 |
77 _onConnection(new CompatibleWebSocket(stream, sink: byteSink), protocol); | 77 _onConnection(new WebSocketChannel(channel), protocol); |
78 }); | 78 }); |
79 | 79 |
80 // [request.hijack] is guaranteed to throw a [HijackException], so we'll | 80 // [request.hijack] is guaranteed to throw a [HijackException], so we'll |
81 // never get here. | 81 // never get here. |
82 assert(false); | 82 assert(false); |
83 return null; | 83 return null; |
84 } | 84 } |
85 | 85 |
86 /// Selects a subprotocol to use for the given connection. | 86 /// Selects a subprotocol to use for the given connection. |
87 /// | 87 /// |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
124 <html> | 124 <html> |
125 <head><title>$title</title></head> | 125 <head><title>$title</title></head> |
126 <body> | 126 <body> |
127 <h1>$title</h1> | 127 <h1>$title</h1> |
128 <p>$message</p> | 128 <p>$message</p> |
129 </body> | 129 </body> |
130 </html> | 130 </html> |
131 """, headers: {'content-type': 'text/html'}); | 131 """, headers: {'content-type': 'text/html'}); |
132 } | 132 } |
133 } | 133 } |
OLD | NEW |