Bug 81655

Summary: [WebSocket]The Sec-WebSocket-Accept MUST NOT appear more than once in an HTTP response
Product: WebKit Reporter: Li Yin <li.yin>
Component: WebCore Misc.Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: abarth, ap, bashi, eric, tkent, webkit.review.bot, yutak
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Attachments:
Description Flags
Patch
none
Patch none

Description Li Yin 2012-03-20 05:55:18 PDT
From RFC 6455
http://tools.ietf.org/html/rfc6455#section-11.3.3
The |Sec-WebSocket-Accept| header MUST NOT appear more than once in an HTTP response.
Comment 1 Li Yin 2012-03-20 06:36:22 PDT
Created attachment 132813 [details]
Patch
Comment 2 Alexey Proskuryakov 2012-03-20 09:55:50 PDT
Comment on attachment 132813 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=132813&action=review

> Source/WebCore/Modules/websockets/WebSocketHandshake.cpp:578
> +    bool hasAcceptValue = false;

"Accept" is also an HTTP header, so this variable is named confusingly. I suggest something like "sawSecWebSocketAcceptHeaderField".
Comment 3 Li Yin 2012-03-20 17:24:52 PDT
Created attachment 132940 [details]
Patch
Comment 4 Li Yin 2012-03-20 17:26:38 PDT
(In reply to comment #2)
> (From update of attachment 132813 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=132813&action=review
> 
> > Source/WebCore/Modules/websockets/WebSocketHandshake.cpp:578
> > +    bool hasAcceptValue = false;
> 
> "Accept" is also an HTTP header, so this variable is named confusingly. I suggest something like "sawSecWebSocketAcceptHeaderField".

Thanks for your review, the patch has been updated already, please review again.
Comment 5 WebKit Review Bot 2012-03-21 09:46:59 PDT
Comment on attachment 132940 [details]
Patch

Clearing flags on attachment: 132940

Committed r111554: <http://trac.webkit.org/changeset/111554>
Comment 6 WebKit Review Bot 2012-03-21 09:47:04 PDT
All reviewed patches have been landed.  Closing bug.