Skip to content

Commit

Permalink
fixes manager.js failure to close connection after transport error ha…
Browse files Browse the repository at this point in the history
…s happened
  • Loading branch information
einaros committed Nov 14, 2011
1 parent ffef944 commit 27714d7
Show file tree
Hide file tree
Showing 2 changed files with 63 additions and 31 deletions.
7 changes: 6 additions & 1 deletion lib/manager.js
Original file line number Diff line number Diff line change
Expand Up @@ -623,7 +623,12 @@ Manager.prototype.handleClient = function (data, req) {

var transport = new transports[data.transport](this, data, req)
, handshaken = this.handshaken[data.id];


if (transport.disconnected) {
// failed during transport setup
req.connection.end();
return;
}
if (handshaken) {
if (transport.open) {
if (this.closed[data.id] && this.closed[data.id].length) {
Expand Down
87 changes: 57 additions & 30 deletions test/transports.websocket.test.js
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,10 @@ module.exports = {

io.set('transports', ['websocket']);
io.set('origins', 'foo.bar.com:*');
var notConnected = true;
io.sockets.on('connection', function() {
notConnected = false;
});

var headers = {
'sec-websocket-version': 8,
Expand All @@ -121,95 +125,118 @@ module.exports = {
'Sec-WebSocket-Key': 'dGhlIHNhbXBsZSBub25jZQ=='
}

// handshake uses correct origin -- we want to block the actuall websocket call
// handshake uses correct origin -- we want to block the actual websocket call
cl.get('/socket.io/{protocol}', {headers: {origin: 'http://foo.bar.com'}}, function (res, data) {
var sid = data.split(':')[0];
var url = '/socket.io/' + sio.protocol + '/websocket/' + sid;
cl.get(url, {headers: headers}, function (res, data) {});
cl.end();
io.server.close();
done();
var req = cl.get(url, {headers: headers}, function (res, data) {});
var closed = false;
req.on('close', function() {
if (closed) return;
closed = true;
notConnected.should.be.true;
cl.end();
try {
io.server.close();
}
catch (e) {}
done();
});
});
},

'hybi-07-12 origin filter accepts implicit port 80 for sec-websocket-origin': function (done) {
'hybi-16 origin filter blocks access for mismatched sec-websocket-origin': function (done) {
var cl = client(++ports)
, io = create(cl)
, io = create(cl);

io.set('transports', ['websocket']);
io.set('origins', 'foo.bar.com:80');
io.set('origins', 'foo.bar.com:*');
var notConnected = true;
io.sockets.on('connection', function() {
notConnected = false;
});

var headers = {
'sec-websocket-version': 8,
'sec-websocket-version': 13,
'upgrade': 'websocket',
'Sec-WebSocket-Origin': 'http://foo.bar.com',
'origin': 'http://baz.bar.com',
'Sec-WebSocket-Key': 'dGhlIHNhbXBsZSBub25jZQ=='
}

io.sockets.on('connection', function() {
cl.end();
io.server.close();
done();
});

// handshake uses correct origin -- we want to block the actuall websocket call
// handshake uses correct origin -- we want to block the actual websocket call
cl.get('/socket.io/{protocol}', {headers: {origin: 'http://foo.bar.com'}}, function (res, data) {
var sid = data.split(':')[0];
var url = '/socket.io/' + sio.protocol + '/websocket/' + sid;
cl.get(url, {headers: headers}, function (res, data) {});
var req = cl.get(url, {headers: headers}, function (res, data) {});
var closed = false;
req.on('close', function() {
if (closed) return;
closed = true;
notConnected.should.be.true;
cl.end();
try {
io.server.close();
}
catch (e) {}
done();
});
});
},

'hybi-16 origin filter accepts implicit port 80 for sec-websocket-origin': function (done) {
'hybi-07-12 origin filter accepts implicit port 80 for sec-websocket-origin': function (done) {
done();return;
var cl = client(++ports)
, io = create(cl)

io.set('transports', ['websocket']);
io.set('origins', 'foo.bar.com:80');

var headers = {
'sec-websocket-version': 13,
'sec-websocket-version': 8,
'upgrade': 'websocket',
'origin': 'http://foo.bar.com',
'Sec-WebSocket-Origin': 'http://foo.bar.com',
'Sec-WebSocket-Key': 'dGhlIHNhbXBsZSBub25jZQ=='
}

io.sockets.on('connection', function() {
cl.end();
io.server.close();
done();
});

// handshake uses correct origin -- we want to block the actuall websocket call
// handshake uses correct origin -- we want to block the actual websocket call
cl.get('/socket.io/{protocol}', {headers: {origin: 'http://foo.bar.com'}}, function (res, data) {
var sid = data.split(':')[0];
var url = '/socket.io/' + sio.protocol + '/websocket/' + sid;
cl.get(url, {headers: headers}, function (res, data) {});
});
},

'hybi-16 origin filter blocks access for mismatched sec-websocket-origin': function (done) {
'hybi-16 origin filter accepts implicit port 80 for sec-websocket-origin': function (done) {
var cl = client(++ports)
, io = create(cl)

io.set('transports', ['websocket']);
io.set('origins', 'foo.bar.com:*');
io.set('origins', 'foo.bar.com:80');

var headers = {
'sec-websocket-version': 13,
'upgrade': 'websocket',
'origin': 'http://baz.bar.com',
'origin': 'http://foo.bar.com',
'Sec-WebSocket-Key': 'dGhlIHNhbXBsZSBub25jZQ=='
}

// handshake uses correct origin -- we want to block the actuall websocket call
io.sockets.on('connection', function() {
cl.end();
io.server.close();
done();
});

// handshake uses correct origin -- we want to block the actual websocket call
cl.get('/socket.io/{protocol}', {headers: {origin: 'http://foo.bar.com'}}, function (res, data) {
var sid = data.split(':')[0];
var url = '/socket.io/' + sio.protocol + '/websocket/' + sid;
cl.get(url, {headers: headers}, function (res, data) {});
cl.end();
io.server.close();
done();
});
},

Expand Down

0 comments on commit 27714d7

Please sign in to comment.