Case-sensitive "connection" upgrade request header check breaks WebSocket connection
Categories
(Remote Protocol :: Agent, defect, P3)
Tracking
(firefox87 fixed)
| Tracking | Status | |
|---|---|---|
| firefox87 | --- | fixed |
People
(Reporter: barancev, Assigned: david.burns)
References
Details
Attachments
(1 file)
|
(deleted),
text/x-phabricator-request
|
Details |
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36
Steps to reproduce:
Using WebDriver client to establish websockets connection to devtools.
Actual results:
The client sends a request like this:
GET /devtools/browser/7bf2f22f-20c2-a24a-8e2e-65c915b33f68 HTTP/1.1
upgrade: websocket
connection: upgrade
sec-websocket-key: PVcEwBy4ZRRAg54cU+qcOg==
sec-websocket-version: 13
origin: http://localhost:59770
host: localhost:59770
accept: /
user-agent: AHC/2.1
but geckodriver responds with "400 Bad Request" and the log says
JavaScript error: chrome://remote/content/server/WebSocketHandshake.jsm, line 99: Error: The handshake request has incorrect Connection header
Expected results:
Looking at the WebSocketHandshake.jsm code I've found that it checks "connection" header to contain "Upgrade" token:
89 const connection = headers.get("connection");
90 if (
91 !connection ||
92 !connection
93 .split(",")
94 .map(t => t.trim())
95 .includes("Upgrade")
96 ) {
97 throw new Error("The handshake request has incorrect Connection header");
98 }
But according to RFC 6455 Section 4.2.1 it should perform a a check for
"A |Connection| header field that includes the token "Upgrade", treated as an ASCII case-insensitive value."
|
Assignee | |
Comment 1•4 years ago
|
||
Some client bindings will send over the headers with either a capital
first letter and some might not. We need to handle all cases
|
||
Updated•4 years ago
|
|
||
Updated•4 years ago
|
|
|
||
Updated•4 years ago
|
|
||
Comment 3•4 years ago
|
||
| bugherder | ||
Description
•