When not agreeing on a subprotocol in non-strict - send no protocol header field

2017-09-13 09:40:02 -04:00 · 2017-09-13 09:40:02 -04:00 · dd636a4058
commit dd636a4058
parent 8128af799a
2 changed files with 35 additions and 2 deletions
--- a/src/Handshake/ServerNegotiator.php
+++ b/src/Handshake/ServerNegotiator.php
@ -58,9 +58,11 @@ class ServerNegotiator implements NegotiatorInterface {
        $upgradeSuggestion = [
            'Connection'             => 'Upgrade',
            'Upgrade'                => 'websocket',
-            'Sec-WebSocket-Version'  => $this->getVersionNumber(),
-            'Sec-WebSocket-Protocol' => implode(', ', $this->_supportedSubProtocols)
+            'Sec-WebSocket-Version'  => $this->getVersionNumber()
        ];
+        if (count($this->_supportedSubProtocols) > 0) {
+            $upgradeSuggestion['Sec-WebSocket-Protocol'] = implode(', ', $this->_supportedSubProtocols);
+        }
        if (true !== $this->verifier->verifyUpgradeRequest($request->getHeader('Upgrade'))) {
            return new Response(426, $upgradeSuggestion, null, '1.1', 'Upgrade header MUST be provided');
        }
--- a/tests/unit/Handshake/ServerNegotiatorTest.php
+++ b/tests/unit/Handshake/ServerNegotiatorTest.php
@ -141,4 +141,35 @@ Accept-Language: en-US,en;q=0.8';
        $this->assertEquals('websocket', $response->getHeaderLine('Upgrade'));
        $this->assertEquals('13', $response->getHeaderLine('Sec-WebSocket-Version'));
    }
+
+    public function testNonStrictSubprotocolDoesNotIncludeHeaderWhenNoneAgreedOn() {
+        $negotiator = new ServerNegotiator(new RequestVerifier());
+        $negotiator->setStrictSubProtocolCheck(false);
+        $negotiator->setSupportedSubProtocols(['someproto']);
+
+        $requestText = 'GET / HTTP/1.1
+Host: 127.0.0.1:6789
+Connection: Upgrade
+Pragma: no-cache
+Cache-Control: no-cache
+Upgrade: websocket
+Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
+Sec-WebSocket-Version: 13
+Sec-WebSocket-Protocol: someotherproto
+Upgrade-Insecure-Requests: 1
+User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
+Accept-Encoding: gzip, deflate, sdch, br
+Accept-Language: en-US,en;q=0.8';
+
+        $request = \GuzzleHttp\Psr7\parse_request($requestText);
+
+        $response = $negotiator->handshake($request);
+
+        $this->assertEquals('1.1', $response->getProtocolVersion());
+        $this->assertEquals(101, $response->getStatusCode());
+        $this->assertEquals('Upgrade', $response->getHeaderLine('Connection'));
+        $this->assertEquals('websocket', $response->getHeaderLine('Upgrade'));
+        $this->assertFalse($response->hasHeader('Sec-WebSocket-Protocol'));
+    }
 }