RESOLVED FIXED 74064
[GTK] Change default WebSocket protocol to the latest one 
https://bugs.webkit.org/show_bug.cgi?id=74064
Summary [GTK] Change default WebSocket protocol to the latest one
Yuta Kitamura
Reported 2011-12-08 01:22:19 PST
[This is the GTK version of Qt's bug 73630 and I'm lazy enough to copy and paste the bug description] Currently, WebKitGtk only supports the old WebSocket protocol (hixie-76). The old protocol is known to have a security defect, and should be phased out into the new protocol. The new protocol (hybi-17, which is going to be published as RFC6455 soon) is already implemented in WebCore and we can switch to the new protocol using WebCore::Settings. LayoutTests for hybi-17 are running fine on GTK bots, and there is no substantial problem observed. Hence, to migrate to the new version, we essentially just need to switch the default value of a Settings flag. Folks, are you happy with this change? Should I bring up this topic on webkit-gtk list? (Note: the old protocol and the new one are incompatible; if there's any existing service depending on the old protocol, it will break.)
Attachments
Patch (1.41 KB, patch)
2011-12-19 05:19 PST, Yuta Kitamura 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Martin Robinson
Comment 1 2011-12-09 14:54:38 PST
Hrm. Unfortunately, this would be an API break. :( In this case it might be useful to make an exception though.
Martin Robinson
Comment 2 2011-12-09 14:58:48 PST
CCing some other people, because this situation might be one in which breaking the API is a reasonable consideration. The old default is both insecure and incompatible.
Xan Lopez
Comment 3 2011-12-10 08:06:50 PST
I think the right thing to do here is switch and add a comment in NEWS/release notes. The sooner the better.
Gustavo Noronha (kov)
Comment 4 2011-12-12 03:08:58 PST
Agreed!
Yuta Kitamura
Comment 5 2011-12-19 05:19:23 PST
Created attachment 119850 [details] Patch
Yuta Kitamura
Comment 6 2011-12-20 01:44:39 PST
Thanks, I'm going to put the patch into CQ.
WebKit Review Bot
Comment 7 2011-12-20 05:17:35 PST
Comment on attachment 119850 [details] Patch Clearing flags on attachment: 119850 Committed r103321: <http://trac.webkit.org/changeset/103321>
WebKit Review Bot
Comment 8 2011-12-20 05:17:39 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.