diff --git a/fetch.bs b/fetch.bs index 4332463b2..a34356e87 100644 --- a/fetch.bs +++ b/fetch.bs @@ -39,11 +39,6 @@ urlPrefix:https://tc39.es/ecma262/#;type:dfn;spec:ecma-262 url:sec-list-and-record-specification-type;text:Record -
-spec:websockets; type:interface; text:WebSocket
-spec:websockets; type:attribute; text:bufferedAmount; for:WebSocket
-
- 
 {
     "HTTP": {
@@ -169,7 +164,7 @@ exposes most of the networking functionality at a fairly low level of abstractio
 
This specification depends on the Infra Standard. [[!INFRA]]
 
 
This specification uses terminology from the ABNF, Encoding, HTML, HTTP, IDL, MIME Sniffing,
-Streams, and URL Standards.
+Streams, URL, and WebSockets Standards.
 [[!ABNF]]
 [[!ENCODING]]
 [[!HTML]]
@@ -178,6 +173,7 @@ Streams, and URL Standards.
 [[!MIMESNIFF]]
 [[!STREAMS]]
 [[!URL]]
+[[!WEBSOCKETS]]
 
 
ABNF means ABNF as augmented by HTTP (in particular the addition of #)
 and RFC 7405. [[!RFC7405]]
@@ -805,8 +801,8 @@ A: 3
  
  • Otherwise, append (name, value) to list.
 
 
-
    Combine is used by {{XMLHttpRequest}} and the
-WebSocket protocol handshake.
+
    Combine is used by {{XMLHttpRequest}} and the
+WebSocket protocol handshake.
 
 
    To convert header names to a sorted-lowercase set, given a list of
 names headerNames, run these steps:
@@ -1804,8 +1800,8 @@ to not have to set request's referrer.
   
    This is a special mode used only when navigating between documents.
 
   
    "websocket"
-  
    This is a special mode used only when establishing
-  a WebSocket connection.
+  
    This is a special mode used only when
+  establishing a WebSocket connection.
  
 
  
    Even though the default request mode is "no-cors",
@@ -8005,150 +8001,6 @@ fetch("https://www.example.com/")
 
 
 
-
    WebSocket protocol alterations
    
-
-
    
- 
    This section replaces part of the WebSocket protocol opening handshake client requirement to
- integrate it with algorithms defined in Fetch. This way CSP, cookies, HSTS, and other Fetch-related
- protocols are handled in a single location. Ideally the RFC would be updated with this language,
- but it is never that easy. The WebSocket API, defined in the HTML Standard, has been updated to use
- this language. [[!WSP]] [[!HTML]]
-
- 
    The way this works is by replacing The WebSocket Protocol's "establish a WebSocket connection"
- algorithm with a new one that integrates with Fetch. "Establish a WebSocket connection" consists of
- three algorithms: setting up a connection, creating and transmiting a handshake request, and
- validating the handshake response. That layering is different from Fetch, which first creates a
- handshake, then sets up a connection and transmits the handshake, and finally validates the
- response. Keep that in mind while reading these alterations.
-
    
-
-
-
    Connections
    
-
-
    To obtain a WebSocket connection, given a
-url, run these steps:
-
-
      
- 
    1. Let host be url's host.
-
- 
    2. Let port be url's port.
-
- 
    3. Let secure be false, if url's scheme is
- "http", and true otherwise.
-
- 
    4. Follow the requirements stated in step 2 to 5, inclusive, of the first set of steps in
- section 4.1 of The WebSocket
- Protocol to establish a WebSocket connection. [[!WSP]]
-
- 
    5. If that established a connection, return it, and return failure otherwise.
-
    
-
-
    Although structured a little differently, carrying different properties, and
-therefore not shareable, a WebSocket connection is very close to identical to an "ordinary"
-connection.
-
-
-
    Opening handshake
    
-
-
    To establish a WebSocket connection, given a
-url, protocols, and client, run these steps:
-
-
      
- 
    1. 
-  
      Let requestURL be a copy of url, with its
-  scheme set to
-  "http", if url's
-  scheme is "ws", and
-  to "https" otherwise.
-
-  
      This change of scheme is essential to integrate well with
-  fetching. E.g., HSTS would not work without it. There is no real
-  reason for WebSocket to have distinct schemes, it's a legacy artefact.
-  [[!HSTS]]
-
- 
    2. Let request be a new request, whose
- URL is requestURL,
- client is client,
- service-workers mode is "none",
- referrer is "no-referrer",
- mode is "websocket",
- credentials mode is
- "include",
- cache mode is "no-store", and
- redirect mode is "error".
-
- 
    3. Append (`Upgrade`, `websocket`) to
- request's header list.
-
- 
    4. Append (`Connection`, `Upgrade`) to
- request's header list.
-
- 
    5. 
-  
      Let keyValue be a nonce consisting of a randomly selected 16-byte value that has
-  been forgiving-base64-encoded and isomorphic encoded.
-
-  
      If the randomly selected value was the byte sequence 0x01 0x02 0x03 0x04 0x05
-  0x06 0x07 0x08 0x09 0x0a 0x0b 0x0c 0x0d 0x0e 0x0f 0x10, keyValue would be
-  forgiving-base64-encoded to "AQIDBAUGBwgJCgsMDQ4PEC==" and isomorphic encoded
-  to `AQIDBAUGBwgJCgsMDQ4PEC==`.
-
- 
    6. Append (`Sec-WebSocket-Key`, keyValue) to
- request's header list.
-
- 
    7. Append (`Sec-WebSocket-Version`, `13`) to
- request's header list.
-
- 
    8. For each protocol in protocols, combine
- (`Sec-WebSocket-Protocol`, protocol) in request's
- header list.
-
- 
    9. 
-  
      Let permessageDeflate be a user-agent defined
-  "permessage-deflate" extension header value. [[!WSP]]
-
-  
      `permessage-deflate; client_max_window_bits`
-
- 
    10. Append (`Sec-WebSocket-Extensions`,
- permessageDeflate) to request's header list.
-
- 
    11. 
-  
      Fetch request with useParallelQueue
-  set to true, and processResponse given response being these
-  steps:
-
-  
        
-   
      1. If response is a network error or its status is not
-   101, fail the WebSocket connection.
-
-   
      2. 
-    
        If protocols is not the empty list and extracting header list values given
-    `Sec-WebSocket-Protocol` and response's header list
-    results in null, failure, or the empty byte sequence, then fail the WebSocket connection.
-
-    
        This is different from the check on this header defined by The WebSocket Protocol.
-    That only covers a subprotocol not requested by the client. This covers a subprotocol requested
-    by the client, but not acknowledged by the server.
-
-   
      3. Follow the requirements stated step 2 to step 6, inclusive, of the last set of steps in
-   section 4.1 of The
-   WebSocket Protocol to validate response. This either results in
-   fail the WebSocket connection or the WebSocket connection is established.
-  
      
-
    
-
-
    Fail the WebSocket connection and the WebSocket connection is established
-are defined by The WebSocket Protocol. [[!WSP]]
-
-
    The reason redirects are not followed and this handshake is generally restricted is
-because it could introduce serious security problems in a web browser context. For example, consider
-a host with a WebSocket server at one path and an open HTTP redirector at another. Suddenly, any
-script that can be given a particular WebSocket URL can be tricked into communicating to (and
-potentially sharing secrets with) any host on the internet, even if the script checks that the URL
-has the right hostname.
-
-
-
-
 
    data: URLs
    
 
 
    For an informative description of data: URLs, see RFC 2397. This section replaces
@@ -8316,6 +8168,15 @@ resource — for non-CORS requests as well as CORS
 requests — and do not use `Vary`.
 
 
+
    WebSockets
    
+
+
    Fetch used to define obtain a WebSocket connection,
+establish a WebSocket connection,
+fail the WebSocket connection, and
+the WebSocket connection is established, all of which are now defined in
+WebSockets. [[!WEBSOCKETS]]
+
+
 
 
    Using fetch in other standards