From RFC6455 http://tools.ietf.org/html/rfc6455#section-11.3.4 The |Sec-WebSocket-Protocol| header field MAY appear multiple times in an HTTP request (which is logically the same as a single |Sec-WebSocket-Protocol| header field that contains all values). However, the |Sec-WebSocket-Protocol| header field MUST NOT appear more than once in an HTTP response.
Created attachment 134230 [details] Patch
Comment on attachment 134230 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=134230&action=review I have just one nit. Your patch looks okay. Please get it reviewed by a WebKit reviewer. > LayoutTests/http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header.html:10 > +description("Test that WebSocket handshake fails if there are more one Sec-WebSocket-Protocol header field in the response."); nit: "more" -> "more than"
(In reply to comment #2) > > LayoutTests/http/tests/websocket/tests/hybi/handshake-fail-by-more-protocol-header.html:10 > > +description("Test that WebSocket handshake fails if there are more one Sec-WebSocket-Protocol header field in the response."); > > nit: "more" -> "more than" Thanks for your detailed review. I will change it.
Created attachment 134233 [details] Patch
Comment on attachment 134233 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=134233&action=review > Source/WebCore/ChangeLog:4 > + [WebSocket]The Sec-WebSocket-Accept must not appear more than once in an HTTP response > + https://bugs.webkit.org/show_bug.cgi?id=82432 Do you mean Sec-WebSocket-Protocol?
Created attachment 134236 [details] Patch
Comment on attachment 134236 [details] Patch ok
Comment on attachment 134236 [details] Patch Clearing flags on attachment: 134236 Committed r112377: <http://trac.webkit.org/changeset/112377>
All reviewed patches have been landed. Closing bug.