feat: add max_header_len & validate_handshake options
#94
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
tjasko
force-pushed
the
feat/ws-upgrade-validation
branch
from
884133b to
9710364
Compare
- Added `max_header_len` option to limit the maximum allowed header size during the WebSocket upgrade process. - Added `validate_handshake` option to enforce that the WebSocket handshake response must return HTTP 101. - Improved HTTP response parsing by checking the status line and extracting response headers properly. - Added new test cases
tjasko
force-pushed
the
feat/ws-upgrade-validation
branch
from
9710364 to
2db11ae
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Introducing new functionality to add two new options to
client:new(). Changes have been implemented in a way to retain backward compatibility.max_header_lenoption to limit the maximum allowed header size during the WebSocket upgrade process.validate_handshakeoption to enforce that the WebSocket handshake response must return HTTP 101.Not all existing tests are passing, but that's unrelated to this improvement. I had to re-generate a new certificate to get Nginx happy, this likely should be fixed in another pull request & add the below to the
Makefile:$ openssl req -new -key test.key -out test.csr -subj "/C=US/ST=California/L=San Francisco/O=OpenResty/OU=OpenResty/CN=test.com/[email protected]" $ openssl x509 -req -days 365 -in test.csr -signkey test.key -out test.crtThanks for considering this change!