Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
('HTTP_CONNECTION', 'upgrade')]:
actual_value = environ.get(key, '').lower()
if not actual_value:
raise HandshakeError('Header %s is not defined' % key)
if expected_value not in actual_value:
raise HandshakeError('Illegal value for header %s: %s' %
(key, actual_value))
key = environ.get('HTTP_SEC_WEBSOCKET_KEY')
if key:
ws_key = base64.b64decode(key.encode('utf-8'))
if len(ws_key) != 16:
raise HandshakeError("WebSocket key's length is invalid")
version = environ.get('HTTP_SEC_WEBSOCKET_VERSION')
supported_versions = b', '.join([unicode(v).encode('utf-8') for v in WS_VERSION])
version_is_valid = False
if version:
try: version = int(version)
except: pass
else: version_is_valid = version in WS_VERSION
if not version_is_valid:
environ['websocket.version'] = unicode(version).encode('utf-8')
raise HandshakeError('Unhandled or missing WebSocket version')
ws_protocols = []
protocols = self.protocols or []
subprotocols = environ.get('HTTP_SEC_WEBSOCKET_PROTOCOL')
if subprotocols:
for s in subprotocols.split(','):
s = s.strip()
('HTTP_CONNECTION', 'upgrade')]:
actual_value = environ.get(key, '').lower()
if not actual_value:
raise HandshakeError('Header %s is not defined' % key)
if expected_value not in actual_value:
raise HandshakeError('Illegal value for header %s: %s' %
(key, actual_value))
key = environ.get('HTTP_SEC_WEBSOCKET_KEY')
if key:
ws_key = base64.b64decode(key.encode('utf-8'))
if len(ws_key) != 16:
raise HandshakeError("WebSocket key's length is invalid")
version = environ.get('HTTP_SEC_WEBSOCKET_VERSION')
supported_versions = b', '.join([unicode(v) for v in WS_VERSION])
version_is_valid = False
if version:
try: version = int(version)
except: pass
else: version_is_valid = version in WS_VERSION
if not version_is_valid:
environ['websocket.version'] = unicode(version).encode('utf-8')
raise HandshakeError('Unhandled or missing WebSocket version')
ws_protocols = []
protocols = self.protocols or []
subprotocols = environ.get('HTTP_SEC_WEBSOCKET_PROTOCOL')
if subprotocols:
for s in subprotocols.split(','):
s = s.strip()
('HTTP_CONNECTION', 'upgrade')]:
actual_value = environ.get(key, '').lower()
if not actual_value:
raise HandshakeError('Header %s is not defined' % key)
if expected_value not in actual_value:
raise HandshakeError('Illegal value for header %s: %s' %
(key, actual_value))
key = environ.get('HTTP_SEC_WEBSOCKET_KEY')
if key:
ws_key = base64.b64decode(key.encode('utf-8'))
if len(ws_key) != 16:
raise HandshakeError("WebSocket key's length is invalid")
version = environ.get('HTTP_SEC_WEBSOCKET_VERSION')
supported_versions = b', '.join([unicode(v).encode('utf-8') for v in WS_VERSION])
version_is_valid = False
if version:
try: version = int(version)
except: pass
else: version_is_valid = version in WS_VERSION
if not version_is_valid:
environ['websocket.version'] = unicode(version).encode('utf-8')
raise HandshakeError('Unhandled or missing WebSocket version')
ws_protocols = []
protocols = self.protocols or []
subprotocols = environ.get('HTTP_SEC_WEBSOCKET_PROTOCOL')
if subprotocols:
for s in subprotocols.split(','):
s = s.strip()
def handshake_headers(self):
"""
List of headers appropriate for the upgrade
handshake.
"""
headers = [
('Host', '%s:%s' % (self.host, self.port)),
('Connection', 'Upgrade'),
('Upgrade', 'websocket'),
('Sec-WebSocket-Key', self.key.decode('utf-8')),
('Sec-WebSocket-Version', str(max(WS_VERSION)))
]
if self.protocols:
headers.append(('Sec-WebSocket-Protocol', ','.join(self.protocols)))
if self.extra_headers:
headers.extend(self.extra_headers)
if not any(x for x in headers if x[0].lower() == 'origin') and \
'origin' not in self.exclude_headers:
scheme, url = self.url.split(":", 1)
parsed = urlsplit(url, scheme="http")
if parsed.hostname:
self.host = parsed.hostname
else:
raise HandshakeError('Illegal value for header %s: %s' %
(key, actual_value))
key = environ.get('HTTP_SEC_WEBSOCKET_KEY')
if key:
ws_key = base64.b64decode(key.encode('utf-8'))
if len(ws_key) != 16:
raise HandshakeError("WebSocket key's length is invalid")
version = environ.get('HTTP_SEC_WEBSOCKET_VERSION')
supported_versions = b', '.join([unicode(v).encode('utf-8') for v in WS_VERSION])
version_is_valid = False
if version:
try: version = int(version)
except: pass
else: version_is_valid = version in WS_VERSION
if not version_is_valid:
environ['websocket.version'] = unicode(version).encode('utf-8')
raise HandshakeError('Unhandled or missing WebSocket version')
ws_protocols = []
protocols = self.protocols or []
subprotocols = environ.get('HTTP_SEC_WEBSOCKET_PROTOCOL')
if subprotocols:
for s in subprotocols.split(','):
s = s.strip()
if s in protocols:
ws_protocols.append(s)
ws_extensions = []
exts = self.extensions or []
raise HandshakeError('Illegal value for header %s: %s' %
(key, actual_value))
key = environ.get('HTTP_SEC_WEBSOCKET_KEY')
if key:
ws_key = base64.b64decode(key.encode('utf-8'))
if len(ws_key) != 16:
raise HandshakeError("WebSocket key's length is invalid")
version = environ.get('HTTP_SEC_WEBSOCKET_VERSION')
supported_versions = b', '.join([unicode(v) for v in WS_VERSION])
version_is_valid = False
if version:
try: version = int(version)
except: pass
else: version_is_valid = version in WS_VERSION
if not version_is_valid:
environ['websocket.version'] = unicode(version).encode('utf-8')
raise HandshakeError('Unhandled or missing WebSocket version')
ws_protocols = []
protocols = self.protocols or []
subprotocols = environ.get('HTTP_SEC_WEBSOCKET_PROTOCOL')
if subprotocols:
for s in subprotocols.split(','):
s = s.strip()
if s in protocols:
ws_protocols.append(s)
ws_extensions = []
exts = self.extensions or []
raise HandshakeError('Illegal value for header %s: %s' %
(key, actual_value))
key = environ.get('HTTP_SEC_WEBSOCKET_KEY')
if key:
ws_key = base64.b64decode(key.encode('utf-8'))
if len(ws_key) != 16:
raise HandshakeError("WebSocket key's length is invalid")
version = environ.get('HTTP_SEC_WEBSOCKET_VERSION')
supported_versions = b', '.join([unicode(v).encode('utf-8') for v in WS_VERSION])
version_is_valid = False
if version:
try: version = int(version)
except: pass
else: version_is_valid = version in WS_VERSION
if not version_is_valid:
environ['websocket.version'] = unicode(version).encode('utf-8')
raise HandshakeError('Unhandled or missing WebSocket version')
ws_protocols = []
protocols = self.protocols or []
subprotocols = environ.get('HTTP_SEC_WEBSOCKET_PROTOCOL')
if subprotocols:
for s in subprotocols.split(','):
s = s.strip()
if s in protocols:
ws_protocols.append(s)
ws_extensions = []
exts = self.extensions or []
def upgrade(self, protocols=None, extensions=None, version=WS_VERSION,
handler_cls=WebSocket, heartbeat_freq=None):
"""
Performs the upgrade of the connection to the WebSocket
protocol.
The provided protocols may be a list of WebSocket
protocols supported by the instance of the tool.
When no list is provided and no protocol is either
during the upgrade, then the protocol parameter is
not taken into account. On the other hand,
if the protocol from the handshake isn't part
of the provided list, the upgrade fails immediatly.
"""
request = cherrypy.serving.request
request.process_request_body = False
@property
def handshake_headers(self):
"""
List of headers appropriate for the upgrade
handshake.
"""
headers = [
('Host', self.host),
('Connection', 'Upgrade'),
('Upgrade', 'websocket'),
('Origin', self.url),
('Sec-WebSocket-Version', str(max(WS_VERSION))),
('User-Agent', USER_AGENT),
('Sec-WebSocket-Key', self.key.decode('utf-8')),
]
if self.protocols:
headers.append(('Sec-WebSocket-Protocol', ','.join(self.protocols)))
if self.extra_headers:
headers.extend(self.extra_headers)
return headers
def upgrade(self, protocols=None, extensions=None, version=WS_VERSION,
handler_cls=WebSocket, heartbeat_freq=None):
"""
Performs the upgrade of the connection to the WebSocket
protocol.
The provided protocols may be a list of WebSocket
protocols supported by the instance of the tool.
When no list is provided and no protocol is either
during the upgrade, then the protocol parameter is
not taken into account. On the other hand,
if the protocol from the handshake isn't part
of the provided list, the upgrade fails immediatly.
"""
request = cherrypy.serving.request
request.process_request_body = False