Possibility to mirror Sec-WebSocket-Protocols #980
Conversation
We can add this to Crow, but with this few informations it sounds like a strange design. You should think about if it maybe opens an attack vector or something like this. |
tests/unittest.cpp
Outdated
| static websocket::connection* connection = nullptr; | ||
| static bool connected{false}; |
There was a problem hiding this comment.
I think this shouldn't be static
We are using Sec-WebSocket-Protocols to send some information about client. And this data will be different for different clients. We want to get this info during onAccept, and reject, depending on this information if needed. |
include/crow/routing.h
Outdated
| @@ -498,13 +498,20 @@ namespace crow // NOTE: Already documented in "crow/app.h" | |||
| return *this; | |||
| } | |||
|
|
|||
| self_t& mirrorprotocols() | |||
There was a problem hiding this comment.
I would have expected:
self_t& mirrorprotocols(bool mirror_protocols=true)
{
mirror_protocols_ = mirror_protocols;
return *this;
}
to make clear that something will be set?
There was a problem hiding this comment.
I will change this, for sure. But not clearly understand, how this method can be called somewhere to disable mirror functionality, because we're usually doing like this:
CROW_WEBSOCKET_ROUTE(app, "/PATH")
.mirrorprotocols()
.onaccept(...
| c.send(asio::buffer(http_message)); | ||
|
|
||
| c.receive(asio::buffer(buf, 2048)); | ||
| std::this_thread::sleep_for(std::chrono::milliseconds(5)); |
There was a problem hiding this comment.
Is this there only to keep the connection open?
Hello.
We are using Sec-WebSocket-Protocols to send important data, that is not constant. So we can't predict subprotocol on server side.
From the other hand, we have to send something back, otherwise Browsers will not work correctly.
So, we suggest the next solution: add a possibility to return exactly the same subprotocol that was received.