Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
debugger: validate sec-websocket-accept response header
This addresses a TODO to validate that the sec-websocket-accept header in the WebSocket handshake response is valid. To do this we need to append the WebSocket GUID to the original key sent in sec-websocket-key, sha1 hash it, and then compare the base64 encoding with the value sent in the sec-websocket-accept response header. If they don't match, an error is thrown.
- Loading branch information
1 parent
a518e4b
commit b7e609f
Showing
1 changed file
with
22 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters