Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Getting rejecting status code and reason on the client (Chrome) #46

Closed
langdonx opened this Issue May 28, 2012 · 1 comment

Comments

Projects
None yet
2 participants

I'm not sure if this is an issue with the implementation of WebSocket-Node, or Chrome, or if I'm just doing it wrong, but.... WebSocketRequest::reject takes a status code and a reason, but when I call it I can't seem to get the status code or the reason in my client code.

-Server-
var http = require('http');
var httpServer = http.createServer(function (request, response)
{
// i see this if i hit http://localhost:8001/
response.end('go away');
});

httpServer.listen(8001);

// https://github.com/Worlize/WebSocket-Node/wiki/Documentation
var webSocket = require('websocket');
var webSocketServer = new webSocket.server({ 'httpServer': httpServer });

webSocketServer.on('request', function (request)
{
var connection = request.reject(102, 'gtfo');
});

-Client-
var connection = new WebSocket('ws://127.0.0.1:8001');
connection.onopen = function (openEvent)
{
alert('onopen');
console.log(openEvent);
};
connection.onclose = function (closeEvent)
{
alert('onclose');
console.log(closeEvent);
}
connection.onerror = function (errorEvent)
{
alert('onerror');
console.log(errorEvent);
};
connection.onmessage = function (messageEvent)
{
alert('onmessage');
console.log(messageEvent);
};

Only the OnClose event fires, but there isn't a status code or message in the closeEvent object that I can find. Any ideas?

I created a question on SO 2 weeks back, but didn't get much of a response:

http://stackoverflow.com/questions/10560591/nodejs-websockets-reject-the-connection-with-a-message

Owner

theturtle32 commented May 28, 2012

Unfortunately, the WebSocket protocol does not provide any specific mechanism for providing a close code or reason at this stage when rejecting a client connection.

In reality, connections should be rejected at this stage only when you are rejecting a user from a disallowed origin (i.e. someone from another website is trying to connect users to your websocket server without permission) or when a user otherwise does not have permission to connect (i.e. they are not logged in). The latter case should be handled by other code on your site: a user should not be able to attempt to connect the websocket connection if they are not logged in.

The code and reason that WebSocket-Node allow you to specify here are an HTTP Status code (e.g. 404, 500, etc.) and a reason to include as a non-standard "X-WebSocket-Reject-Reason" HTTP header in the response. It is mostly useful when analyzing the connection with a packet sniffer, such as WireShark. No browser has any facility for providing rejection codes or reasons to the client-side JavaScript code when a connection is rejected in this way, because it's not provided for in the WebSocket specification.

@jondubois jondubois referenced this issue in SocketCluster/socketcluster Oct 24, 2015

Closed

Adding more detail to the Handshake #120

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment