[whatwg] Case-sensitivity of "WebSocket" in Upgrade field
Simon Pieters
simonp at opera.com
Wed Apr 21 10:38:02 PDT 2010
WebSocket establish a WebSocket connection:
[[
41. ...
If the entry's name is "upgrade"
If the value is not exactly equal to the string "WebSocket", then fail the
WebSocket connection and abort these steps.
]]
Reading the client's opening handshake:
[[
Upgrade
Invariant part of the handshake. Will always have a value that is an ASCII
case-insensitive match for the string "WebSocket".
Can be safely ignored, though the server should abort the WebSocket
connection if this field is absent or has a different value, to avoid
vulnerability to cross-protocol attacks.
]]
Why should the client compare case-sensitively but the server
case-insensitively?
--
Simon Pieters
Opera Software
More information about the whatwg
mailing list