Handler subprotocol method fails to detect empty list

[duytnguyendtn]

Bug description

Hello JSP developers!

My colleague @zoghbi-a and I are attempting to proxy socket.io using JSP and have run into a subprotocol issue that I've started to track down. Please note I am coming as a JSP user with not much networking experience. I'd like to open a discussion about this issue and would be happy to be told I'm just not using JSP properly and corrected. I also didn't want to open a PR in the event I'm misunderstanding something. Thank you for your patience!

Effectively, we're receiving strange headers on our socket.io server that are resulting in a HTTP 400 Bad Request. Tracking down the HTTP response being sent by the proxy, I noticed the following fields being sent in the HTTP header:

> e:\heasarc\gitrepos\scieserver-js9\envjpyjs9\lib\site-packages\jupyter_server_proxy\handlers.py(503)start_websocket_connection()
(Pdb) print(request.headers)
Host: localhost:8888
Connection: Upgrade
Pragma: no-cache
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Accept-Language: en-US,en
Upgrade: websocket
Origin: http://localhost:8888
Sec-Websocket-Version: 13
Accept-Encoding: gzip
Cookie: username-localhost-8888="<irrelevant values>"
Sec-Websocket-Key: b'XXXXXXXXXXXXXXXXXXXX'
Sec-Websocket-Extensions: permessage-deflate; client_max_window_bits
Sec-Websocket-Protocol:

Specifically, I noticed that last line:

Sec-Websocket-Protocol:

As I understand it, when a websocket protocol is not specified, the Sec-Websocket-Protocol is supposed to be omitted, rather than sent without a value.

The following is my best attempt to understand how this condition is arising (all links are permalinked to the current main commit: a65437a):

The HTTP 400 error is originating from the following HTTPRequest in JSP in attempting to start a websocket connection:

jupyter-server-proxy/jupyter_server_proxy/handlers.py

Lines 492 to 497 in a65437a

	self.ws = await pingable_ws_connect(
	request=request,
	on_message_callback=message_cb,
	on_ping_callback=ping_cb,
	subprotocols=self.subprotocols,
	resolver=resolver,

The cause is the value of self.subprotocols. It's receiving an empty list []. This empty list is originating from:
https://github.com/tornadoweb/tornado/blob/65a9e48f8ce645f104e3e0aa772222e70b0376d9/tornado/websocket.py#L902
most likely due to a subprotocol header not being provided on our end. This harkens back to another user's issue: #47

Following the trace, the JSP handler's select_subprotocol appears to be processing the empty list properly:

jupyter-server-proxy/jupyter_server_proxy/handlers.py

Lines 533 to 539 in a65437a

	def select_subprotocol(self, subprotocols):
	"""Select a single Sec-WebSocket-Protocol during handshake."""
	self.subprotocols = subprotocols
	if isinstance(subprotocols, list) and subprotocols:
	self.log.debug(f"Client sent subprotocols: {subprotocols}")
	return subprotocols[0]
	return super().select_subprotocol(subprotocols)

by properly falling back on Tornado's WebSocketHandler, which properly returns None:
https://github.com/tornadoweb/tornado/blob/65a9e48f8ce645f104e3e0aa772222e70b0376d9/tornado/websocket.py#L337-L360

However, select_subprotocol also caches the provided value:

jupyter-server-proxy/jupyter_server_proxy/handlers.py

Line 535 in a65437a

self.subprotocols = subprotocols

which is what is used websocket connection method:

jupyter-server-proxy/jupyter_server_proxy/handlers.py

Line 496 in a65437a

subprotocols=self.subprotocols,

thereby ignoring the "sanitized" subprotocol value provided by Tornado's WebSocketHandler.

TLDR solution:

I feel that either the jupyter_server_proxy.handlers.ProxyHandler.proxy_open should be directly using the sanitized result of jupyter_server_proxy.handlers.ProxyHandler.select_subprotocol:

self.ws = await pingable_ws_connect(
    request=request,
    on_message_callback=message_cb,
    on_ping_callback=ping_cb,
    subprotocols=self.select_subprotcol(self.subprotocols),
    resolver=resolver,
)

or, jupyter_server_proxy.handlers.ProxyHandler.select_subprotocol should instead use the Tornado WebSocketHandler's cached value of the final selected subprotocol: https://github.com/tornadoweb/tornado/blob/65a9e48f8ce645f104e3e0aa772222e70b0376d9/tornado/websocket.py#L903

self.ws = await pingable_ws_connect(
    request=request,
    on_message_callback=message_cb,
    on_ping_callback=ping_cb,
    subprotocols=self.selected_subprotcol,
    resolver=resolver,
)

Please let me know your thoughts! I appreciate your time and effort on this project :)

[welcome]

Thank you for opening your first issue in this project! Engagement like this is essential for open source projects! 🤗

If you haven't done so already, check out Jupyter's Code of Conduct. Also, please try to follow the issue template as it helps other other community members to contribute more effectively.

You can meet the other Jovyans by joining our Discourse forum. There is also an intro thread there where you can stop by and say Hi! 👋

Welcome to the Jupyter community! 🎉