[html5] r5186 - [giow] (1) Make the cookies set by a WebSocket server get set sync with the 'ope [...]
whatwg at whatwg.org
whatwg at whatwg.org
Thu Jul 22 13:02:36 PDT 2010
Author: ianh
Date: 2010-07-22 13:02:36 -0700 (Thu, 22 Jul 2010)
New Revision: 5186
Modified:
complete.html
source
Log:
[giow] (1) Make the cookies set by a WebSocket server get set sync with the 'open' event and not get set if the handshake fails.
Modified: complete.html
===================================================================
--- complete.html 2010-07-22 19:22:39 UTC (rev 5185)
+++ complete.html 2010-07-22 20:02:36 UTC (rev 5186)
@@ -71918,8 +71918,8 @@
<p><a href=#establish-a-websocket-connection>Establish a WebSocket connection</a> to a host <var title="">host</var>, on port <var title="">port</var> (if one was
specified), from <var title="">origin</var>, with the flag <var title="">secure</var>, with <var title="">resource name</var> as
- the resource name, and with <var title="">protocols</var> as the
- (possibly empty) list of protocols.</p>
+ the resource name, with <var title="">protocols</var> as the
+ (possibly empty) list of protocols, and with the <var title="">defer cookies</var> flag set.</p>
<p class=note>If the "<a href=#establish-a-websocket-connection>establish a WebSocket
connection</a>" algorithm fails, it triggers the "<a href=#fail-the-websocket-connection>fail
@@ -72110,10 +72110,12 @@
<p>When the <i><a href=#websocket-connection-is-established>WebSocket connection is established</a></i>, the user
agent must <a href=#queue-a-task>queue a task</a> to first change the <code title=dom-WebSocket-readyState><a href=#dom-websocket-readystate>readyState</a></code> attribute's value
- to <code title=dom-WebSocket-OPEN><a href=#dom-websocket-open>OPEN</a></code> (1); then change the
- <code title=dom-WebSocket-protocol><a href=#dom-websocket-protocol>protocol</a></code> attribute's
- value to the <a href=#selected-websocket-subprotocol>selected WebSocket subprotocol</a>, if there
- is one; and then <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-open>open</code> at the <code><a href=#websocket>WebSocket</a></code>
+ to <code title=dom-WebSocket-OPEN><a href=#dom-websocket-open>OPEN</a></code> (1); <a href=#apply-the-cookies>apply the
+ cookies</a> that were collected in the <var title="">list of
+ cookies</var> when the <a href=#websocket-connection-is-established title="WebSocket connection is
+ established">connection was established</a>; change the <code title=dom-WebSocket-protocol><a href=#dom-websocket-protocol>protocol</a></code> attribute's value to
+ the <a href=#selected-websocket-subprotocol>selected WebSocket subprotocol</a>, if there is one;
+ and then <a href=#fire-a-simple-event>fire a simple event</a> named <code title=event-open>open</code> at the <code><a href=#websocket>WebSocket</a></code>
object.</p>
<p>When <i><a href=#a-websocket-message-has-been-received>a WebSocket message has been received</a></i> with text <var title="">data</var>, the user agent must create an event that uses
@@ -72841,8 +72843,9 @@
<p>When the user agent is to <dfn id=establish-a-websocket-connection>establish a WebSocket
connection</dfn> to a host <var title="">host</var>, on a port <var title="">port</var>, from an origin whose <a href=#ascii-serialization-of-an-origin title="ASCII
serialization of an origin">ASCII serialization</a> is <var title="">origin</var>, with a flag <var title="">secure</var>, with
- a string giving a <var title="">resource name</var>, and with a
- (possibly empty) list of strings giving the <var title="">protocols</var>, it must run the following steps. The <var title="">host</var> must have been punycode-encoded already if
+ a string giving a <var title="">resource name</var>, with a
+ (possibly empty) list of strings giving the <var title="">protocols</var>, and optionally with a <var title="">defer
+ cookies</var> flag, it must run the following steps. The <var title="">host</var> must have been punycode-encoded already if
necessary (i.e. it does not contain characters above U+007E). The
<var title="">origin</var> must not contain characters in the range
U+0041 to U+005A (i.e. LATIN CAPITAL LETTER A to LATIN CAPITAL
@@ -73448,6 +73451,8 @@
</li>
+ <li><p>Let the <var title="">list of cookies</var> be empty.</li>
+
<li>
<p>
@@ -73520,8 +73525,9 @@
<dd>
<p>If the relevant specification is supported by the user agent,
- handle the cookie as defined by the appropriate specification,
- with the resource being the one with the host <var title="">host</var>, the port <var title="">port</var>, the path
+ add the cookie, interpreted as defined by the appropriate
+ specification, to the <var title="">list of cookies</var>, with
+ the resource being the one with the host <var title="">host</var>, the port <var title="">port</var>, the path
(and possibly query parameters) <var title="">resource
name</var>, and the scheme <code title="">http</code> if <var title="">secure</var> is false and <code title="">https</code>
if <var title="">secure</var> is true.
@@ -73532,6 +73538,11 @@
<p>If the relevant specification is not supported by the user
agent, then the field must be ignored.</p>
+ <p class=note>The cookies added to the <var title="">list of
+ cookies</var> are discarded if the connection fails to be
+ established. Only if and when the connection is established do
+ the cookies actually get applied.</p>
+
</dd>
@@ -73585,6 +73596,9 @@
<li><p>Close the connection if the server has not already done
so.</p></li>
+ <li><p><span>Apply the cookies</span> in the <var title="">list
+ of cookies</var>.</p></li>
+
<li><p>Jump back to the first step of the overall algorithm
(the very top of the handshake).</p></li>
@@ -73613,16 +73627,21 @@
<dt>If the entry's name is "<code
title="">www-authenticate</code>"</dt>
- <dd><p>Obtain credentials in a manner consistent with the
- requirements for handling the <code>WWW-Authenticate</code>
- header in HTTP, and then close the connection (if the server has
- not already done so) and jump back to the step labeled
- <i>connect</i>, including the relevant authentication headers in
- the new request.
- <a href="#refsHTTP">[HTTP]</a>
+ <dd>
+
+ <p><span>Apply the cookies</span> in the <var title="">list of
+ cookies</var>, then obtain credentials in a manner consistent
+ with the requirements for handling the
+ <code>WWW-Authenticate</code> header in HTTP, and then close
+ the connection (if the server has not already done so) and jump
+ back to the step labeled <i>connect</i>, including the relevant
+ authentication headers in the new request.
+ <a href="#refsHTTP">[HTTP]</a>
--><!--
- </p></dd>
+ </p>
+ </dd>
+
<dt>Any other name</dt>
<dd>Ignore it.</dd>
@@ -73680,12 +73699,20 @@
</li>
+ <li><p>If the <var title="">defer cookies</var> flag is not set,
+ <a href=#apply-the-cookies>apply the cookies</a> in the <var title="">list of
+ cookies</var>.</li>
+
<li>
<p>The <dfn id=websocket-connection-is-established>WebSocket connection is established</dfn>. Now the
user agent must send and receive to and from the connection as
described in the next section.</p>
+ <p>If the <var title="">defer cookies</var> flag is set, store the
+ <var title="">list of cookies</var> for use by the component that
+ invoked this algorithm.</p>
+
</li>
</ol><p>Where the algorithm above requires that a user agent <a href=#fail-the-websocket-connection>fail
@@ -73709,7 +73736,14 @@
than collecting all the fields and then checking them as a
block.</p>
+ <p>When the user agent is to <dfn id=apply-the-cookies>apply the cookies</dfn> in a <var title="">list of cookies</var>, it must handle each cookie in the
+ <var title="">list of cookies</var> as defined by the appropriate
+ specification.
+ <a href=#refsCOOKIES>[COOKIES]</a>
+ </p>
+
+
<h6 id=data-framing><span class=secno>10.3.4.4.2 </span>Data framing</h6>
<p>Once a <a href=#websocket-connection-is-established>WebSocket connection is established</a>, the user
Modified: source
===================================================================
--- source 2010-07-22 19:22:39 UTC (rev 5185)
+++ source 2010-07-22 20:02:36 UTC (rev 5186)
@@ -80897,8 +80897,9 @@
title="">host</var>, on port <var title="">port</var> (if one was
specified), from <var title="">origin</var>, with the flag <var
title="">secure</var>, with <var title="">resource name</var> as
- the resource name, and with <var title="">protocols</var> as the
- (possibly empty) list of protocols.</p>
+ the resource name, with <var title="">protocols</var> as the
+ (possibly empty) list of protocols, and with the <var
+ title="">defer cookies</var> flag set.</p>
<p class="note">If the "<span>establish a WebSocket
connection</span>" algorithm fails, it triggers the "<span>fail
@@ -81137,10 +81138,13 @@
<p>When the <i>WebSocket connection is established</i>, the user
agent must <span>queue a task</span> to first change the <code
title="dom-WebSocket-readyState">readyState</code> attribute's value
- to <code title="dom-WebSocket-OPEN">OPEN</code> (1); then change the
- <code title="dom-WebSocket-protocol">protocol</code> attribute's
- value to the <span>selected WebSocket subprotocol</span>, if there
- is one; and then <span>fire a simple event</span> named <code
+ to <code title="dom-WebSocket-OPEN">OPEN</code> (1); <span>apply the
+ cookies</span> that were collected in the <var title="">list of
+ cookies</var> when the <span title="WebSocket connection is
+ established">connection was established</span>; change the <code
+ title="dom-WebSocket-protocol">protocol</code> attribute's value to
+ the <span>selected WebSocket subprotocol</span>, if there is one;
+ and then <span>fire a simple event</span> named <code
title="event-open">open</code> at the <code>WebSocket</code>
object.</p>
@@ -81979,9 +81983,10 @@
title="">port</var>, from an origin whose <span title="ASCII
serialization of an origin">ASCII serialization</span> is <var
title="">origin</var>, with a flag <var title="">secure</var>, with
- a string giving a <var title="">resource name</var>, and with a
+ a string giving a <var title="">resource name</var>, with a
(possibly empty) list of strings giving the <var
- title="">protocols</var>, it must run the following steps. The <var
+ title="">protocols</var>, and optionally with a <var title="">defer
+ cookies</var> flag, it must run the following steps. The <var
title="">host</var> must have been punycode-encoded already if
necessary (i.e. it does not contain characters above U+007E). The
<var title="">origin</var> must not contain characters in the range
@@ -82642,6 +82647,8 @@
</li>
+ <li><p>Let the <var title="">list of cookies</var> be empty.</p></li>
+
<li>
<p>
@@ -82738,8 +82745,9 @@
<dd>
<p>If the relevant specification is supported by the user agent,
- handle the cookie as defined by the appropriate specification,
- with the resource being the one with the host <var
+ add the cookie, interpreted as defined by the appropriate
+ specification, to the <var title="">list of cookies</var>, with
+ the resource being the one with the host <var
title="">host</var>, the port <var title="">port</var>, the path
(and possibly query parameters) <var title="">resource
name</var>, and the scheme <code title="">http</code> if <var
@@ -82756,6 +82764,11 @@
<p>If the relevant specification is not supported by the user
agent, then the field must be ignored.</p>
+ <p class="note">The cookies added to the <var title="">list of
+ cookies</var> are discarded if the connection fails to be
+ established. Only if and when the connection is established do
+ the cookies actually get applied.</p>
+
</dd>
@@ -82812,6 +82825,9 @@
<li><p>Close the connection if the server has not already done
so.</p></li>
+ <li><p><span>Apply the cookies</span> in the <var title="">list
+ of cookies</var>.</p></li>
+
<li><p>Jump back to the first step of the overall algorithm
(the very top of the handshake).</p></li>
@@ -82842,19 +82858,24 @@
<dt>If the entry's name is "<code
title="">www-authenticate</code>"</dt>
- <dd><p>Obtain credentials in a manner consistent with the
- requirements for handling the <code>WWW-Authenticate</code>
- header in HTTP, and then close the connection (if the server has
- not already done so) and jump back to the step labeled
- <i>connect</i>, including the relevant authentication headers in
- the new request.
+ <dd>
+
+ <p><span>Apply the cookies</span> in the <var title="">list of
+ cookies</var>, then obtain credentials in a manner consistent
+ with the requirements for handling the
+ <code>WWW-Authenticate</code> header in HTTP, and then close
+ the connection (if the server has not already done so) and jump
+ back to the step labeled <i>connect</i>, including the relevant
+ authentication headers in the new request.
--><!--END complete--><!--END epub--><!--
- <a href="#refsRFC2616">[RFC2616]</a>
+ <a href="#refsRFC2616">[RFC2616]</a>
--><!--START complete--><!--START epub--><!--END websocket-protocol--><!--
- <a href="#refsHTTP">[HTTP]</a>
+ <a href="#refsHTTP">[HTTP]</a>
--><!--START websocket-protocol--><!--
- </p></dd>
+ </p>
+ </dd>
+
<dt>Any other name</dt>
<dd>Ignore it.</dd>
@@ -82919,12 +82940,20 @@
</li>
+ <li><p>If the <var title="">defer cookies</var> flag is not set,
+ <span>apply the cookies</span> in the <var title="">list of
+ cookies</var>.</p></li>
+
<li>
<p>The <dfn>WebSocket connection is established</dfn>. Now the
user agent must send and receive to and from the connection as
described in the next section.</p>
+ <p>If the <var title="">defer cookies</var> flag is set, store the
+ <var title="">list of cookies</var> for use by the component that
+ invoked this algorithm.</p>
+
</li>
</ol>
@@ -82950,7 +82979,19 @@
than collecting all the fields and then checking them as a
block.</p>
+ <p>When the user agent is to <dfn>apply the cookies</dfn> in a <var
+ title="">list of cookies</var>, it must handle each cookie in the
+ <var title="">list of cookies</var> as defined by the appropriate
+ specification.
+<!--END complete--><!--END epub-->
+ <a href="#refsRFC2109">[RFC2109]</a>
+ <a href="#refsRFC2965">[RFC2965]</a>
+<!--START complete--><!--START epub--><!--END websocket-protocol-->
+ <a href="#refsCOOKIES">[COOKIES]</a>
+<!--START websocket-protocol-->
+ </p>
+
<h6>Data framing</h6>
<p>Once a <span>WebSocket connection is established</span>, the user
More information about the Commit-Watchers
mailing list