Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Better check for WebSocket upgrades, since Connection headers may be of the form 

Connection: keep-alive, Upgrade.
This commit is contained in:
Simone Bordet 2012-01-24 21:21:43 +01:00
parent 45bede6fda
commit caa325c3ba
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
jetty-servlets/src/main/java/org/eclipse/jetty/servlets/CrossOriginFilter.java
View File

@ -17,6 +17,7 @@ package org.eclipse.jetty.servlets;
import java.io.IOException; import java.io.IOException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.regex.Matcher; import java.util.regex.Matcher;
import java.util.regex.Pattern; import java.util.regex.Pattern;
@ -215,10 +216,16 @@ public class CrossOriginFilter implements Filter
{ {
// WebSocket clients such as Chrome 5 implement a version of the WebSocket // WebSocket clients such as Chrome 5 implement a version of the WebSocket
// protocol that does not accept extra response headers on the upgrade response // protocol that does not accept extra response headers on the upgrade response
if ("Upgrade".equalsIgnoreCase(request.getHeader("Connection")) && for (String connection : Collections.<String>list(request.getHeaders("Connection")))
"WebSocket".equalsIgnoreCase(request.getHeader("Upgrade")))
{ {
return false; if ("Upgrade".equalsIgnoreCase(connection))
{
for (String upgrade : Collections.<String>list(request.getHeaders("Upgrade")))
{
if ("WebSocket".equalsIgnoreCase(upgrade))
return false;
}
}
} }
return true; return true;
} }