[html5] r5186 - [giow] (1) Make the cookies set by a WebSocket server get set sync with the 'ope [...]

whatwg at whatwg.org whatwg at whatwg.org
Thu Jul 22 13:02:36 PDT 2010


Author: ianh
Date: 2010-07-22 13:02:36 -0700 (Thu, 22 Jul 2010)
New Revision: 5186

Modified:
   complete.html
   source
Log:
[giow] (1) Make the cookies set by a WebSocket server get set sync with the 'open' event and not get set if the handshake fails.

Modified: complete.html
===================================================================
--- complete.html	2010-07-22 19:22:39 UTC (rev 5185)
+++ complete.html	2010-07-22 20:02:36 UTC (rev 5186)
@@ -71918,8 +71918,8 @@
 
     <p><a href=#establish-a-websocket-connection>Establish a WebSocket connection</a> to a host <var title="">host</var>, on port <var title="">port</var> (if one was
     specified), from <var title="">origin</var>, with the flag <var title="">secure</var>, with <var title="">resource name</var> as
-    the resource name, and with <var title="">protocols</var> as the
-    (possibly empty) list of protocols.</p>
+    the resource name, with <var title="">protocols</var> as the
+    (possibly empty) list of protocols, and with the <var title="">defer cookies</var> flag set.</p>
 
     <p class=note>If the "<a href=#establish-a-websocket-connection>establish a WebSocket
     connection</a>" algorithm fails, it triggers the "<a href=#fail-the-websocket-connection>fail
@@ -72110,10 +72110,12 @@
 
   <p>When the <i><a href=#websocket-connection-is-established>WebSocket connection is established</a></i>, the user
   agent must <a href=#queue-a-task>queue a task</a> to first change the <code title=dom-WebSocket-readyState><a href=#dom-websocket-readystate>readyState</a></code> attribute's value
-  to <code title=dom-WebSocket-OPEN><a href=#dom-websocket-open>OPEN</a></code> (1); then change the
-  <code title=dom-WebSocket-protocol><a href=#dom-websocket-protocol>protocol</a></code> attribute's
-  value to the <a href=#selected-websocket-subprotocol>selected WebSocket subprotocol</a>, if there
-  is one; and then <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-open>open</code> at the <code><a href=#websocket>WebSocket</a></code>
+  to <code title=dom-WebSocket-OPEN><a href=#dom-websocket-open>OPEN</a></code> (1); <a href=#apply-the-cookies>apply the
+  cookies</a> that were collected in the <var title="">list of
+  cookies</var> when the <a href=#websocket-connection-is-established title="WebSocket connection is
+  established">connection was established</a>; change the <code title=dom-WebSocket-protocol><a href=#dom-websocket-protocol>protocol</a></code> attribute's value to
+  the <a href=#selected-websocket-subprotocol>selected WebSocket subprotocol</a>, if there is one;
+  and then <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-open>open</code> at the <code><a href=#websocket>WebSocket</a></code>
   object.</p>
 
   <p>When <i><a href=#a-websocket-message-has-been-received>a WebSocket message has been received</a></i> with text <var title="">data</var>, the user agent must create an event that uses
@@ -72841,8 +72843,9 @@
   <p>When the user agent is to <dfn id=establish-a-websocket-connection>establish a WebSocket
   connection</dfn> to a host <var title="">host</var>, on a port <var title="">port</var>, from an origin whose <a href=#ascii-serialization-of-an-origin title="ASCII
   serialization of an origin">ASCII serialization</a> is <var title="">origin</var>, with a flag <var title="">secure</var>, with
-  a string giving a <var title="">resource name</var>, and with a
-  (possibly empty) list of strings giving the <var title="">protocols</var>, it must run the following steps. The <var title="">host</var> must have been punycode-encoded already if
+  a string giving a <var title="">resource name</var>, with a
+  (possibly empty) list of strings giving the <var title="">protocols</var>, and optionally with a <var title="">defer
+  cookies</var> flag, it must run the following steps. The <var title="">host</var> must have been punycode-encoded already if
   necessary (i.e. it does not contain characters above U+007E). The
   <var title="">origin</var> must not contain characters in the range
   U+0041 to U+005A (i.e. LATIN CAPITAL LETTER A to LATIN CAPITAL
@@ -73448,6 +73451,8 @@
 
    </li>
 
+   <li><p>Let the <var title="">list of cookies</var> be empty.</li>
+
    <li>
 
     <p>
@@ -73520,8 +73525,9 @@
      <dd>
 
       <p>If the relevant specification is supported by the user agent,
-      handle the cookie as defined by the appropriate specification,
-      with the resource being the one with the host <var title="">host</var>, the port <var title="">port</var>, the path
+      add the cookie, interpreted as defined by the appropriate
+      specification, to the <var title="">list of cookies</var>, with
+      the resource being the one with the host <var title="">host</var>, the port <var title="">port</var>, the path
       (and possibly query parameters) <var title="">resource
       name</var>, and the scheme <code title="">http</code> if <var title="">secure</var> is false and <code title="">https</code>
       if <var title="">secure</var> is true.
@@ -73532,6 +73538,11 @@
       <p>If the relevant specification is not supported by the user
       agent, then the field must be ignored.</p>
 
+      <p class=note>The cookies added to the <var title="">list of
+      cookies</var> are discarded if the connection fails to be
+      established. Only if and when the connection is established do
+      the cookies actually get applied.</p>
+
      </dd>
 
 
@@ -73585,6 +73596,9 @@
        <li><p>Close the connection if the server has not already done
        so.</p></li>
 
+       <li><p><span>Apply the cookies</span> in the <var title="">list
+       of cookies</var>.</p></li>
+
        <li><p>Jump back to the first step of the overall algorithm
        (the very top of the handshake).</p></li>
 
@@ -73613,16 +73627,21 @@
      <dt>If the entry's name is "<code
      title="">www-authenticate</code>"</dt>
 
-     <dd><p>Obtain credentials in a manner consistent with the
-     requirements for handling the <code>WWW-Authenticate</code>
-     header in HTTP, and then close the connection (if the server has
-     not already done so) and jump back to the step labeled
-     <i>connect</i>, including the relevant authentication headers in
-     the new request.
-     <a href="#refsHTTP">[HTTP]</a>
+     <dd>
+
+      <p><span>Apply the cookies</span> in the <var title="">list of
+      cookies</var>, then obtain credentials in a manner consistent
+      with the requirements for handling the
+      <code>WWW-Authenticate</code> header in HTTP, and then close
+      the connection (if the server has not already done so) and jump
+      back to the step labeled <i>connect</i>, including the relevant
+      authentication headers in the new request.
+      <a href="#refsHTTP">[HTTP]</a>
 --><!--
-     </p></dd>
+      </p>
 
+     </dd>
+
      <dt>Any other name</dt>
 
      <dd>Ignore it.</dd>
@@ -73680,12 +73699,20 @@
 
    </li>
 
+   <li><p>If the <var title="">defer cookies</var> flag is not set,
+   <a href=#apply-the-cookies>apply the cookies</a> in the <var title="">list of
+   cookies</var>.</li>
+
    <li>
 
     <p>The <dfn id=websocket-connection-is-established>WebSocket connection is established</dfn>. Now the
     user agent must send and receive to and from the connection as
     described in the next section.</p>
 
+    <p>If the <var title="">defer cookies</var> flag is set, store the
+    <var title="">list of cookies</var> for use by the component that
+    invoked this algorithm.</p>
+
    </li>
 
   </ol><p>Where the algorithm above requires that a user agent <a href=#fail-the-websocket-connection>fail
@@ -73709,7 +73736,14 @@
   than collecting all the fields and then checking them as a
   block.</p>
 
+  <p>When the user agent is to <dfn id=apply-the-cookies>apply the cookies</dfn> in a <var title="">list of cookies</var>, it must handle each cookie in the
+  <var title="">list of cookies</var> as defined by the appropriate
+  specification.
+  <a href=#refsCOOKIES>[COOKIES]</a>
 
+  </p>
+
+
   <h6 id=data-framing><span class=secno>10.3.4.4.2 </span>Data framing</h6>
 
   <p>Once a <a href=#websocket-connection-is-established>WebSocket connection is established</a>, the user

Modified: source
===================================================================
--- source	2010-07-22 19:22:39 UTC (rev 5185)
+++ source	2010-07-22 20:02:36 UTC (rev 5186)
@@ -80897,8 +80897,9 @@
     title="">host</var>, on port <var title="">port</var> (if one was
     specified), from <var title="">origin</var>, with the flag <var
     title="">secure</var>, with <var title="">resource name</var> as
-    the resource name, and with <var title="">protocols</var> as the
-    (possibly empty) list of protocols.</p>
+    the resource name, with <var title="">protocols</var> as the
+    (possibly empty) list of protocols, and with the <var
+    title="">defer cookies</var> flag set.</p>
 
     <p class="note">If the "<span>establish a WebSocket
     connection</span>" algorithm fails, it triggers the "<span>fail
@@ -81137,10 +81138,13 @@
   <p>When the <i>WebSocket connection is established</i>, the user
   agent must <span>queue a task</span> to first change the <code
   title="dom-WebSocket-readyState">readyState</code> attribute's value
-  to <code title="dom-WebSocket-OPEN">OPEN</code> (1); then change the
-  <code title="dom-WebSocket-protocol">protocol</code> attribute's
-  value to the <span>selected WebSocket subprotocol</span>, if there
-  is one; and then <span>fire a simple event</span> named <code
+  to <code title="dom-WebSocket-OPEN">OPEN</code> (1); <span>apply the
+  cookies</span> that were collected in the <var title="">list of
+  cookies</var> when the <span title="WebSocket connection is
+  established">connection was established</span>; change the <code
+  title="dom-WebSocket-protocol">protocol</code> attribute's value to
+  the <span>selected WebSocket subprotocol</span>, if there is one;
+  and then <span>fire a simple event</span> named <code
   title="event-open">open</code> at the <code>WebSocket</code>
   object.</p>
 
@@ -81979,9 +81983,10 @@
   title="">port</var>, from an origin whose <span title="ASCII
   serialization of an origin">ASCII serialization</span> is <var
   title="">origin</var>, with a flag <var title="">secure</var>, with
-  a string giving a <var title="">resource name</var>, and with a
+  a string giving a <var title="">resource name</var>, with a
   (possibly empty) list of strings giving the <var
-  title="">protocols</var>, it must run the following steps. The <var
+  title="">protocols</var>, and optionally with a <var title="">defer
+  cookies</var> flag, it must run the following steps. The <var
   title="">host</var> must have been punycode-encoded already if
   necessary (i.e. it does not contain characters above U+007E). The
   <var title="">origin</var> must not contain characters in the range
@@ -82642,6 +82647,8 @@
 
    </li>
 
+   <li><p>Let the <var title="">list of cookies</var> be empty.</p></li>
+
    <li>
 
     <p>
@@ -82738,8 +82745,9 @@
      <dd>
 
       <p>If the relevant specification is supported by the user agent,
-      handle the cookie as defined by the appropriate specification,
-      with the resource being the one with the host <var
+      add the cookie, interpreted as defined by the appropriate
+      specification, to the <var title="">list of cookies</var>, with
+      the resource being the one with the host <var
       title="">host</var>, the port <var title="">port</var>, the path
       (and possibly query parameters) <var title="">resource
       name</var>, and the scheme <code title="">http</code> if <var
@@ -82756,6 +82764,11 @@
       <p>If the relevant specification is not supported by the user
       agent, then the field must be ignored.</p>
 
+      <p class="note">The cookies added to the <var title="">list of
+      cookies</var> are discarded if the connection fails to be
+      established. Only if and when the connection is established do
+      the cookies actually get applied.</p>
+
      </dd>
 
 
@@ -82812,6 +82825,9 @@
        <li><p>Close the connection if the server has not already done
        so.</p></li>
 
+       <li><p><span>Apply the cookies</span> in the <var title="">list
+       of cookies</var>.</p></li>
+
        <li><p>Jump back to the first step of the overall algorithm
        (the very top of the handshake).</p></li>
 
@@ -82842,19 +82858,24 @@
      <dt>If the entry's name is "<code
      title="">www-authenticate</code>"</dt>
 
-     <dd><p>Obtain credentials in a manner consistent with the
-     requirements for handling the <code>WWW-Authenticate</code>
-     header in HTTP, and then close the connection (if the server has
-     not already done so) and jump back to the step labeled
-     <i>connect</i>, including the relevant authentication headers in
-     the new request.
+     <dd>
+
+      <p><span>Apply the cookies</span> in the <var title="">list of
+      cookies</var>, then obtain credentials in a manner consistent
+      with the requirements for handling the
+      <code>WWW-Authenticate</code> header in HTTP, and then close
+      the connection (if the server has not already done so) and jump
+      back to the step labeled <i>connect</i>, including the relevant
+      authentication headers in the new request.
 --><!--END complete--><!--END epub--><!--
-     <a href="#refsRFC2616">[RFC2616]</a>
+      <a href="#refsRFC2616">[RFC2616]</a>
 --><!--START complete--><!--START epub--><!--END websocket-protocol--><!--
-     <a href="#refsHTTP">[HTTP]</a>
+      <a href="#refsHTTP">[HTTP]</a>
 --><!--START websocket-protocol--><!--
-     </p></dd>
+      </p>
 
+     </dd>
+
      <dt>Any other name</dt>
 
      <dd>Ignore it.</dd>
@@ -82919,12 +82940,20 @@
 
    </li>
 
+   <li><p>If the <var title="">defer cookies</var> flag is not set,
+   <span>apply the cookies</span> in the <var title="">list of
+   cookies</var>.</p></li>
+
    <li>
 
     <p>The <dfn>WebSocket connection is established</dfn>. Now the
     user agent must send and receive to and from the connection as
     described in the next section.</p>
 
+    <p>If the <var title="">defer cookies</var> flag is set, store the
+    <var title="">list of cookies</var> for use by the component that
+    invoked this algorithm.</p>
+
    </li>
 
   </ol>
@@ -82950,7 +82979,19 @@
   than collecting all the fields and then checking them as a
   block.</p>
 
+  <p>When the user agent is to <dfn>apply the cookies</dfn> in a <var
+  title="">list of cookies</var>, it must handle each cookie in the
+  <var title="">list of cookies</var> as defined by the appropriate
+  specification.
+<!--END complete--><!--END epub-->
+  <a href="#refsRFC2109">[RFC2109]</a>
+  <a href="#refsRFC2965">[RFC2965]</a>
+<!--START complete--><!--START epub--><!--END websocket-protocol-->
+  <a href="#refsCOOKIES">[COOKIES]</a>
+<!--START websocket-protocol-->
+  </p>
 
+
   <h6>Data framing</h6>
 
   <p>Once a <span>WebSocket connection is established</span>, the user




More information about the Commit-Watchers mailing list