Bug 228329

Summary: WebSocket: Safari on iOS 15 beta 3 is sending invalid close frame
Product: WebKit Reporter: Lars Mikkelsen <lars>
Component: WebCore Misc.Assignee: Alex Christensen <achristensen>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, rik, webkit-bug-importer, youennf
Priority: P2 Keywords: InRadar
Version: Other   
Hardware: Unspecified   
OS: Other   
See Also: https://bugs.webkit.org/show_bug.cgi?id=228296
Attachments:
Description Flags
WebSocket close frame with invalid status code
none
Patch
none
Patch none

Description Lars Mikkelsen 2021-07-27 09:20:12 PDT 
Created attachment 434293 [details]
WebSocket close frame with invalid status code

We have a dev-server based on the ws Node library. We've noticed that Safari on iOS 15 beta 3 is causing ws to throw "RangeError: Invalid WebSocket frame: invalid status code 22373" (as reported by other users at https://github.com/websockets/ws/issues/1916). I've tracked this down to Safari sending a WebSocket close frame without a two-byte status code, so the first two bytes of the reason "WebSocket is closed due to suspension." are interpreted as the status code, i.e. 'We' == 0x5765 == 22373. As far as I can tell the message originates at https://trac.webkit.org/browser/webkit/trunk/Source/WebCore/Modules/websockets/WebSocket.cpp#L522. I suspect r270882 surfaced this issue by now closing the WebSocket when WebSocketChannel::fail() is called. I have a hard time following the code from there, but I believe it eventually ends up calling NSURLSessionWebSocketTask::cancelWithCloseCode in https://trac.webkit.org/browser/webkit/trunk/Source/WebKit/NetworkProcess/cocoa/WebSocketTaskCocoa.mm#L152 with a status code.
Comment 1 Radar WebKit Bug Importer 2021-07-27 10:23:35 PDT 
<rdar://problem/81169550>
Comment 2 Alex Christensen 2021-07-27 16:08:11 PDT 
Created attachment 434377 [details]
Patch
Comment 3 Alex Christensen 2021-07-27 17:00:17 PDT 
Created attachment 434386 [details]
Patch
Comment 4 EWS 2021-07-28 08:57:57 PDT 
Committed r280385 (240028@main): <https://commits.webkit.org/240028@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 434386 [details].
Comment 5 Alex Christensen 2021-07-28 09:24:28 PDT 
Thanks for the report, Lars!
Comment 6 Lars Mikkelsen 2021-07-28 10:31:54 PDT 
Thank you for the super quick fix!