OLD | NEW |
1 // Copyright (c) 2014, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2014, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 import 'dart:convert'; | 5 import 'dart:convert'; |
6 | 6 |
7 import 'package:shelf/shelf.dart'; | 7 import 'package:shelf/shelf.dart'; |
| 8 import 'package:stream_channel/stream_channel.dart'; |
8 import 'package:web_socket_channel/web_socket_channel.dart'; | 9 import 'package:web_socket_channel/web_socket_channel.dart'; |
9 | 10 |
10 /// A class that exposes a handler for upgrading WebSocket requests. | 11 /// A class that exposes a handler for upgrading WebSocket requests. |
11 class WebSocketHandler { | 12 class WebSocketHandler { |
12 /// The function to call when a request is upgraded. | 13 /// The function to call when a request is upgraded. |
13 final Function _onConnection; | 14 final Function _onConnection; |
14 | 15 |
15 /// The set of protocols the user supports, or `null`. | 16 /// The set of protocols the user supports, or `null`. |
16 final Set<String> _protocols; | 17 final Set<String> _protocols; |
17 | 18 |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
57 // The Origin header is always set by browser connections. By filtering out | 58 // The Origin header is always set by browser connections. By filtering out |
58 // unexpected origins, we ensure that malicious JavaScript is unable to fake | 59 // unexpected origins, we ensure that malicious JavaScript is unable to fake |
59 // a WebSocket handshake. | 60 // a WebSocket handshake. |
60 var origin = request.headers['Origin']; | 61 var origin = request.headers['Origin']; |
61 if (origin != null && _allowedOrigins != null && | 62 if (origin != null && _allowedOrigins != null && |
62 !_allowedOrigins.contains(origin.toLowerCase())) { | 63 !_allowedOrigins.contains(origin.toLowerCase())) { |
63 return _forbidden('invalid origin "$origin".'); | 64 return _forbidden('invalid origin "$origin".'); |
64 } | 65 } |
65 | 66 |
66 var protocol = _chooseProtocol(request); | 67 var protocol = _chooseProtocol(request); |
67 request.hijack((channel) { | 68 request.hijack((untypedChannel) { |
| 69 var channel = (untypedChannel as StreamChannel).cast/*<List<int>>*/(); |
| 70 |
68 var sink = UTF8.encoder.startChunkedConversion(channel.sink); | 71 var sink = UTF8.encoder.startChunkedConversion(channel.sink); |
69 sink.add( | 72 sink.add( |
70 "HTTP/1.1 101 Switching Protocols\r\n" | 73 "HTTP/1.1 101 Switching Protocols\r\n" |
71 "Upgrade: websocket\r\n" | 74 "Upgrade: websocket\r\n" |
72 "Connection: Upgrade\r\n" | 75 "Connection: Upgrade\r\n" |
73 "Sec-WebSocket-Accept: ${WebSocketChannel.signKey(key)}\r\n"); | 76 "Sec-WebSocket-Accept: ${WebSocketChannel.signKey(key)}\r\n"); |
74 if (protocol != null) sink.add("Sec-WebSocket-Protocol: $protocol\r\n"); | 77 if (protocol != null) sink.add("Sec-WebSocket-Protocol: $protocol\r\n"); |
75 sink.add("\r\n"); | 78 sink.add("\r\n"); |
76 | 79 |
77 _onConnection(new WebSocketChannel(channel), protocol); | 80 _onConnection(new WebSocketChannel(channel), protocol); |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
124 <html> | 127 <html> |
125 <head><title>$title</title></head> | 128 <head><title>$title</title></head> |
126 <body> | 129 <body> |
127 <h1>$title</h1> | 130 <h1>$title</h1> |
128 <p>$message</p> | 131 <p>$message</p> |
129 </body> | 132 </body> |
130 </html> | 133 </html> |
131 """, headers: {'content-type': 'text/html'}); | 134 """, headers: {'content-type': 'text/html'}); |
132 } | 135 } |
133 } | 136 } |
OLD | NEW |