Bug 228329

Summary: WebSocket: Safari on iOS 15 beta 3 is sending invalid close frame
Product: WebKit
Reporter: Lars Mikkelsen <lars>
Component: WebCore Misc.
Assignee: Alex Christensen <achristensen>
Status: RESOLVED FIXED
Severity: Normal
CC: achristensen, rik, webkit-bug-importer, youennf
Priority: P2
Keywords: InRadar
Version: Other
Hardware: Unspecified
OS: Other
See Also: https://bugs.webkit.org/show_bug.cgi?id=228296
Attachments (Description, Flags):
WebSocket close frame with invalid status code, none
Patch, none
Patch, none

Lars Mikkelsen
Reported 2021-07-27 09:20:12 PDT
Created attachment 434293 [details]
WebSocket close frame with invalid status code

We have a dev-server based on the ws Node library. We've noticed that Safari on iOS 15 beta 3 is causing ws to throw "RangeError: Invalid WebSocket frame: invalid status code 22373" (as reported by other users at https://github.com/websockets/ws/issues/1916).

I've tracked this down to Safari sending a WebSocket close frame without a two-byte status code, so the first two bytes of the reason "WebSocket is closed due to suspension." are interpreted as the status code, i.e. 'We' == 0x5765 == 22373.

As far as I can tell the message originates at https://trac.webkit.org/browser/webkit/trunk/Source/WebCore/Modules/websockets/WebSocket.cpp#L522. I suspect r270882 surfaced this issue by now closing the WebSocket when WebSocketChannel::fail() is called. I have a hard time following the code from there, but I believe it eventually ends up calling NSURLSessionWebSocketTask::cancelWithCloseCode in https://trac.webkit.org/browser/webkit/trunk/Source/WebKit/NetworkProcess/cocoa/WebSocketTaskCocoa.mm#L152 with a status code.
Attachments
WebSocket close frame with invalid status code (46.57 KB, image/png)
2021-07-27 09:20 PDT, Lars Mikkelsen
no flags
Patch (8.08 KB, patch)
2021-07-27 16:08 PDT, Alex Christensen
no flags
Patch (8.26 KB, patch)
2021-07-27 17:00 PDT, Alex Christensen
no flags
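The misparse described in the report, reproduced as an added example (not code from ws or WebKit): a receiver-side close-payload parser following the RFC 6455 layout of a two-byte big-endian status code followed by a UTF-8 reason. The names `parseClosePayload` and `isValidCloseCode` are hypothetical, both payloads are constructed from the reason string quoted in the report, and status 1001 is chosen only for illustration.

```javascript
// Codes allowed on the wire: RFC 6455 section 7.4 plus the IANA-registered
// 1012-1014. 1004, 1005, 1006 and 1015 are reserved and must never be sent.
function isValidCloseCode(code) {
  return (
    (code >= 1000 && code <= 1014 && ![1004, 1005, 1006].includes(code)) ||
    (code >= 3000 && code <= 4999)
  );
}

// Parse the (already unmasked) payload of a close frame.
// Returns { ok: true, code, reason } or { ok: false, error }.
function parseClosePayload(payload) {
  if (payload.length > 125) {
    return { ok: false, error: 'control frame payload exceeds 125 bytes' };
  }
  if (payload.length === 0) {
    // An empty body is legal: the peer supplied no status code.
    return { ok: true, code: null, reason: '' };
  }
  if (payload.length === 1) {
    return { ok: false, error: 'close payload of 1 byte cannot hold a status code' };
  }
  // The first two bytes are always read as the status code, whatever they are.
  const code = payload.readUInt16BE(0);
  if (!isValidCloseCode(code)) {
    return { ok: false, error: `invalid status code ${code}` };
  }
  let reason;
  try {
    reason = new TextDecoder('utf-8', { fatal: true }).decode(payload.subarray(2));
  } catch {
    return { ok: false, error: 'close reason is not valid UTF-8' };
  }
  return { ok: true, code, reason };
}

// Constructed payloads: the reason text alone, then prefixed with a status code.
const reasonText = 'WebSocket is closed due to suspension.';
const malformed = Buffer.from(reasonText, 'utf8');
const wellFormed = Buffer.concat([Buffer.from([0x03, 0xe9]), malformed]); // 0x03e9 = 1001

console.log(parseClosePayload(malformed));
console.log(parseClosePayload(wellFormed));
```

A receiver that rejects the frame this way should fail the connection cleanly rather than let the error escape as an uncaught exception in the server process.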
Radar WebKit Bug Importer
Comment 1 2021-07-27 10:23:35 PDT
Alex Christensen
Comment 2 2021-07-27 16:08:11 PDT
Alex Christensen
Comment 3 2021-07-27 17:00:17 PDT
EWS
Comment 4 2021-07-28 08:57:57 PDT
Committed r280385 (240028@main): <https://commits.webkit.org/240028@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 434386 [details].
Alex Christensen
Comment 5 2021-07-28 09:24:28 PDT
Thanks for the report, Lars!
Lars Mikkelsen
Comment 6 2021-07-28 10:31:54 PDT
Thank you for the super quick fix!