2 * Copyright (C) 2011 Google Inc. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above
11 * copyright notice, this list of conditions and the following disclaimer
12 * in the documentation and/or other materials provided with the
14 * * Neither the name of Google Inc. nor the names of its
15 * contributors may be used to endorse or promote products derived from
16 * this software without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 #if ENABLE(WEB_SOCKETS)
35 #include "WebSocketChannel.h"
38 #include "CookieJar.h"
40 #include "FileError.h"
41 #include "FileReaderLoader.h"
42 #include "InspectorInstrumentation.h"
45 #include "ProgressTracker.h"
46 #include "ScriptCallStack.h"
47 #include "ScriptExecutionContext.h"
49 #include "SocketStreamError.h"
50 #include "SocketStreamHandle.h"
51 #include "WebSocketChannelClient.h"
52 #include "WebSocketHandshake.h"
54 #include <wtf/ArrayBuffer.h>
55 #include <wtf/CryptographicallyRandomNumber.h>
56 #include <wtf/Deque.h>
57 #include <wtf/FastMalloc.h>
58 #include <wtf/HashMap.h>
59 #include <wtf/OwnPtr.h>
60 #include <wtf/PassOwnPtr.h>
61 #include <wtf/text/CString.h>
62 #include <wtf/text/StringHash.h>
63 #include <wtf/text/WTFString.h>
69 const double TCPMaximumSegmentLifetime = 2 * 60.0;
71 // Constants for hybi-10 frame format.
72 const unsigned char finalBit = 0x80;
73 const unsigned char reserved1Bit = 0x40;
74 const unsigned char reserved2Bit = 0x20;
75 const unsigned char reserved3Bit = 0x10;
76 const unsigned char opCodeMask = 0xF;
77 const unsigned char maskBit = 0x80;
78 const unsigned char payloadLengthMask = 0x7F;
79 const size_t maxPayloadLengthWithoutExtendedLengthField = 125;
80 const size_t payloadLengthWithTwoByteExtendedLengthField = 126;
81 const size_t payloadLengthWithEightByteExtendedLengthField = 127;
82 const size_t maskingKeyWidthInBytes = 4;
84 const WebSocketChannel::OpCode WebSocketChannel::OpCodeContinuation = 0x0;
85 const WebSocketChannel::OpCode WebSocketChannel::OpCodeText = 0x1;
86 const WebSocketChannel::OpCode WebSocketChannel::OpCodeBinary = 0x2;
87 const WebSocketChannel::OpCode WebSocketChannel::OpCodeClose = 0x8;
88 const WebSocketChannel::OpCode WebSocketChannel::OpCodePing = 0x9;
89 const WebSocketChannel::OpCode WebSocketChannel::OpCodePong = 0xA;
91 WebSocketChannel::WebSocketChannel(ScriptExecutionContext* context, WebSocketChannelClient* client)
96 , m_resumeTimer(this, &WebSocketChannel::resumeTimerFired)
99 , m_receivedClosingHandshake(false)
100 , m_closingTimer(this, &WebSocketChannel::closingTimerFired)
102 , m_shouldDiscardReceivedData(false)
103 , m_unhandledBufferedAmount(0)
105 , m_useHixie76Protocol(true)
106 , m_hasContinuousFrame(false)
107 , m_closeEventCode(CloseEventCodeAbnormalClosure)
108 , m_outgoingFrameQueueStatus(OutgoingFrameQueueOpen)
110 , m_blobLoaderStatus(BlobLoaderNotStarted)
113 ASSERT(m_context->isDocument());
114 Document* document = static_cast<Document*>(m_context);
115 if (Settings* settings = document->settings())
116 m_useHixie76Protocol = settings->useHixie76WebSocketProtocol();
118 if (Page* page = document->page())
119 m_identifier = page->progress()->createUniqueIdentifier();
122 WebSocketChannel::~WebSocketChannel()
127 bool WebSocketChannel::useHixie76Protocol()
129 return m_useHixie76Protocol;
132 void WebSocketChannel::connect(const KURL& url, const String& protocol)
134 LOG(Network, "WebSocketChannel %p connect", this);
136 ASSERT(!m_suspended);
137 m_handshake = adoptPtr(new WebSocketHandshake(url, protocol, m_context, m_useHixie76Protocol));
138 m_handshake->reset();
140 InspectorInstrumentation::didCreateWebSocket(m_context, m_identifier, url, m_context->url());
142 m_handle = SocketStreamHandle::create(m_handshake->url(), this);
145 String WebSocketChannel::subprotocol()
147 LOG(Network, "WebSocketChannel %p subprotocol", this);
148 if (!m_handshake || m_handshake->mode() != WebSocketHandshake::Connected)
150 String serverProtocol = m_handshake->serverWebSocketProtocol();
151 if (serverProtocol.isNull())
153 return serverProtocol;
156 bool WebSocketChannel::send(const String& message)
158 LOG(Network, "WebSocketChannel %p send %s", this, message.utf8().data());
159 if (m_useHixie76Protocol) {
160 CString utf8 = message.utf8();
161 return sendFrameHixie76(utf8.data(), utf8.length());
163 enqueueTextFrame(message);
164 // According to WebSocket API specification, WebSocket.send() should return void instead
165 // of boolean. However, our implementation still returns boolean due to compatibility
166 // concern (see bug 65850).
167 // m_channel->send() may happen later, thus it's not always possible to know whether
168 // the message has been sent to the socket successfully. In this case, we have no choice
169 // but to return true.
173 bool WebSocketChannel::send(const ArrayBuffer& binaryData)
175 LOG(Network, "WebSocketChannel %p send arraybuffer %p", this, &binaryData);
176 ASSERT(!m_useHixie76Protocol);
177 enqueueRawFrame(OpCodeBinary, static_cast<const char*>(binaryData.data()), binaryData.byteLength());
181 bool WebSocketChannel::send(const Blob& binaryData)
183 LOG(Network, "WebSocketChannel %p send blob %s", this, binaryData.url().string().utf8().data());
184 ASSERT(!m_useHixie76Protocol);
185 enqueueBlobFrame(OpCodeBinary, binaryData);
189 bool WebSocketChannel::send(const char* data, int length)
191 LOG(Network, "WebSocketChannel %p send binary %p (%dB)", this, data, length);
192 ASSERT(!m_useHixie76Protocol);
193 enqueueRawFrame(OpCodeBinary, data, length);
197 unsigned long WebSocketChannel::bufferedAmount() const
199 LOG(Network, "WebSocketChannel %p bufferedAmount", this);
201 ASSERT(!m_suspended);
202 return m_handle->bufferedAmount();
205 void WebSocketChannel::close(int code, const String& reason)
207 LOG(Network, "WebSocketChannel %p close", this);
208 ASSERT(!m_suspended);
211 startClosingHandshake(code, reason);
212 if (m_closing && !m_closingTimer.isActive())
213 m_closingTimer.startOneShot(2 * TCPMaximumSegmentLifetime);
216 void WebSocketChannel::fail(const String& reason)
218 LOG(Network, "WebSocketChannel %p fail: %s", this, reason.utf8().data());
219 ASSERT(!m_suspended);
221 m_context->addMessage(JSMessageSource, LogMessageType, ErrorMessageLevel, reason, 0, m_handshake->clientOrigin(), 0);
222 if (!m_useHixie76Protocol) {
223 // Hybi-10 specification explicitly states we must not continue to handle incoming data
224 // once the WebSocket connection is failed (section 7.1.7).
225 // FIXME: Should we do this in hixie-76 too?
226 m_shouldDiscardReceivedData = true;
228 skipBuffer(m_bufferSize); // Save memory.
229 m_hasContinuousFrame = false;
230 m_continuousFrameData.clear();
232 if (m_handle && !m_closed)
233 m_handle->disconnect(); // Will call didClose().
236 void WebSocketChannel::disconnect()
238 LOG(Network, "WebSocketChannel %p disconnect", this);
239 if (m_identifier && m_context)
240 InspectorInstrumentation::didCloseWebSocket(m_context, m_identifier);
242 m_handshake->clearScriptExecutionContext();
246 m_handle->disconnect();
249 void WebSocketChannel::suspend()
254 void WebSocketChannel::resume()
257 if ((m_buffer || m_closed) && m_client && !m_resumeTimer.isActive())
258 m_resumeTimer.startOneShot(0);
261 void WebSocketChannel::didOpenSocketStream(SocketStreamHandle* handle)
263 LOG(Network, "WebSocketChannel %p didOpenSocketStream", this);
264 ASSERT(handle == m_handle);
268 InspectorInstrumentation::willSendWebSocketHandshakeRequest(m_context, m_identifier, m_handshake->clientHandshakeRequest());
269 CString handshakeMessage = m_handshake->clientHandshakeMessage();
270 if (!handle->send(handshakeMessage.data(), handshakeMessage.length()))
271 fail("Failed to send WebSocket handshake.");
274 void WebSocketChannel::didCloseSocketStream(SocketStreamHandle* handle)
276 LOG(Network, "WebSocketChannel %p didCloseSocketStream", this);
277 if (m_identifier && m_context)
278 InspectorInstrumentation::didCloseWebSocket(m_context, m_identifier);
279 ASSERT_UNUSED(handle, handle == m_handle || !m_handle);
281 if (m_closingTimer.isActive())
282 m_closingTimer.stop();
283 if (!m_useHixie76Protocol && m_outgoingFrameQueueStatus != OutgoingFrameQueueClosed)
284 abortOutgoingFrameQueue();
286 m_unhandledBufferedAmount = m_handle->bufferedAmount();
289 WebSocketChannelClient* client = m_client;
294 client->didClose(m_unhandledBufferedAmount, m_receivedClosingHandshake ? WebSocketChannelClient::ClosingHandshakeComplete : WebSocketChannelClient::ClosingHandshakeIncomplete, m_closeEventCode, m_closeEventReason);
299 void WebSocketChannel::didReceiveSocketStreamData(SocketStreamHandle* handle, const char* data, int len)
301 LOG(Network, "WebSocketChannel %p didReceiveSocketStreamData %d", this, len);
302 RefPtr<WebSocketChannel> protect(this); // The client can close the channel, potentially removing the last reference.
303 ASSERT(handle == m_handle);
308 handle->disconnect();
312 m_shouldDiscardReceivedData = true;
313 handle->disconnect();
316 if (m_shouldDiscardReceivedData)
318 if (!appendToBuffer(data, len)) {
319 m_shouldDiscardReceivedData = true;
320 fail("Ran out of memory while receiving WebSocket data.");
323 while (!m_suspended && m_client && m_buffer)
324 if (!processBuffer())
328 void WebSocketChannel::didUpdateBufferedAmount(SocketStreamHandle*, size_t bufferedAmount)
331 m_client->didUpdateBufferedAmount(bufferedAmount);
334 void WebSocketChannel::didFailSocketStream(SocketStreamHandle* handle, const SocketStreamError& error)
336 LOG(Network, "WebSocketChannel %p didFailSocketStream", this);
337 ASSERT(handle == m_handle || !m_handle);
341 message = "WebSocket network error";
342 else if (error.localizedDescription().isNull())
343 message = "WebSocket network error: error code " + String::number(error.errorCode());
345 message = "WebSocket network error: " + error.localizedDescription();
346 String failingURL = error.failingURL();
347 ASSERT(failingURL.isNull() || m_handshake->url().string() == failingURL);
348 if (failingURL.isNull())
349 failingURL = m_handshake->url().string();
350 m_context->addMessage(NetworkMessageSource, LogMessageType, ErrorMessageLevel, message, 0, failingURL, 0);
352 m_shouldDiscardReceivedData = true;
353 handle->disconnect();
356 void WebSocketChannel::didReceiveAuthenticationChallenge(SocketStreamHandle*, const AuthenticationChallenge&)
360 void WebSocketChannel::didCancelAuthenticationChallenge(SocketStreamHandle*, const AuthenticationChallenge&)
365 void WebSocketChannel::didStartLoading()
367 LOG(Network, "WebSocketChannel %p didStartLoading", this);
368 ASSERT(m_blobLoader);
369 ASSERT(m_blobLoaderStatus == BlobLoaderStarted);
372 void WebSocketChannel::didReceiveData()
374 LOG(Network, "WebSocketChannel %p didReceiveData", this);
375 ASSERT(m_blobLoader);
376 ASSERT(m_blobLoaderStatus == BlobLoaderStarted);
379 void WebSocketChannel::didFinishLoading()
381 LOG(Network, "WebSocketChannel %p didFinishLoading", this);
382 ASSERT(m_blobLoader);
383 ASSERT(m_blobLoaderStatus == BlobLoaderStarted);
384 m_blobLoaderStatus = BlobLoaderFinished;
385 processOutgoingFrameQueue();
389 void WebSocketChannel::didFail(int errorCode)
391 LOG(Network, "WebSocketChannel %p didFail %d", this, errorCode);
392 ASSERT(m_blobLoader);
393 ASSERT(m_blobLoaderStatus == BlobLoaderStarted);
394 m_blobLoader.clear();
395 m_blobLoaderStatus = BlobLoaderFailed;
396 fail("Failed to load Blob: error code = " + String::number(errorCode)); // FIXME: Generate human-friendly reason message.
401 bool WebSocketChannel::appendToBuffer(const char* data, size_t len)
403 size_t newBufferSize = m_bufferSize + len;
404 if (newBufferSize < m_bufferSize) {
405 LOG(Network, "WebSocket buffer overflow (%lu+%lu)", static_cast<unsigned long>(m_bufferSize), static_cast<unsigned long>(len));
409 if (!tryFastMalloc(newBufferSize).getValue(newBuffer))
413 memcpy(newBuffer, m_buffer, m_bufferSize);
414 memcpy(newBuffer + m_bufferSize, data, len);
416 m_buffer = newBuffer;
417 m_bufferSize = newBufferSize;
421 void WebSocketChannel::skipBuffer(size_t len)
423 ASSERT(len <= m_bufferSize);
430 memmove(m_buffer, m_buffer + len, m_bufferSize);
433 bool WebSocketChannel::processBuffer()
435 ASSERT(!m_suspended);
438 LOG(Network, "WebSocketChannel %p processBuffer %lu", this, static_cast<unsigned long>(m_bufferSize));
440 if (m_shouldDiscardReceivedData)
443 if (m_receivedClosingHandshake) {
444 skipBuffer(m_bufferSize);
448 RefPtr<WebSocketChannel> protect(this); // The client can close the channel, potentially removing the last reference.
450 if (m_handshake->mode() == WebSocketHandshake::Incomplete) {
451 int headerLength = m_handshake->readServerHandshake(m_buffer, m_bufferSize);
452 if (headerLength <= 0)
454 if (m_handshake->mode() == WebSocketHandshake::Connected) {
456 InspectorInstrumentation::didReceiveWebSocketHandshakeResponse(m_context, m_identifier, m_handshake->serverHandshakeResponse());
457 if (!m_handshake->serverSetCookie().isEmpty()) {
458 if (m_context->isDocument()) {
459 Document* document = static_cast<Document*>(m_context);
460 if (cookiesEnabled(document)) {
461 ExceptionCode ec; // Exception (for sandboxed documents) ignored.
462 document->setCookie(m_handshake->serverSetCookie(), ec);
466 // FIXME: handle set-cookie2.
467 LOG(Network, "WebSocketChannel %p connected", this);
468 skipBuffer(headerLength);
469 m_client->didConnect();
470 LOG(Network, "remaining in read buf %lu", static_cast<unsigned long>(m_bufferSize));
473 ASSERT(m_handshake->mode() == WebSocketHandshake::Failed);
474 LOG(Network, "WebSocketChannel %p connection failed", this);
475 skipBuffer(headerLength);
476 m_shouldDiscardReceivedData = true;
477 fail(m_handshake->failureReason());
480 if (m_handshake->mode() != WebSocketHandshake::Connected)
483 if (m_useHixie76Protocol)
484 return processFrameHixie76();
486 return processFrame();
489 void WebSocketChannel::resumeTimerFired(Timer<WebSocketChannel>* timer)
491 ASSERT_UNUSED(timer, timer == &m_resumeTimer);
493 RefPtr<WebSocketChannel> protect(this); // The client can close the channel, potentially removing the last reference.
494 while (!m_suspended && m_client && m_buffer)
495 if (!processBuffer())
497 if (!m_suspended && m_client && m_closed && m_handle)
498 didCloseSocketStream(m_handle.get());
501 void WebSocketChannel::startClosingHandshake(int code, const String& reason)
503 LOG(Network, "WebSocketChannel %p closing %d %d", this, m_closing, m_receivedClosingHandshake);
507 if (m_useHixie76Protocol) {
511 if (!m_handle->send(buf.data(), buf.size())) {
512 m_handle->disconnect();
517 if (!m_receivedClosingHandshake && code != CloseEventCodeNotSpecified) {
518 unsigned char highByte = code >> 8;
519 unsigned char lowByte = code;
520 buf.append(static_cast<char>(highByte));
521 buf.append(static_cast<char>(lowByte));
522 buf.append(reason.utf8().data(), reason.utf8().length());
524 enqueueRawFrame(OpCodeClose, buf.data(), buf.size());
528 m_client->didStartClosingHandshake();
531 void WebSocketChannel::closingTimerFired(Timer<WebSocketChannel>* timer)
533 LOG(Network, "WebSocketChannel %p closing timer", this);
534 ASSERT_UNUSED(timer, &m_closingTimer == timer);
536 m_handle->disconnect();
539 WebSocketChannel::ParseFrameResult WebSocketChannel::parseFrame(FrameData& frame)
541 const char* p = m_buffer;
542 const char* bufferEnd = m_buffer + m_bufferSize;
544 if (m_bufferSize < 2)
545 return FrameIncomplete;
547 unsigned char firstByte = *p++;
548 unsigned char secondByte = *p++;
550 bool final = firstByte & finalBit;
551 bool reserved1 = firstByte & reserved1Bit;
552 bool reserved2 = firstByte & reserved2Bit;
553 bool reserved3 = firstByte & reserved3Bit;
554 OpCode opCode = firstByte & opCodeMask;
556 bool masked = secondByte & maskBit;
557 uint64_t payloadLength64 = secondByte & payloadLengthMask;
558 if (payloadLength64 > maxPayloadLengthWithoutExtendedLengthField) {
559 int extendedPayloadLengthSize;
560 if (payloadLength64 == payloadLengthWithTwoByteExtendedLengthField)
561 extendedPayloadLengthSize = 2;
563 ASSERT(payloadLength64 == payloadLengthWithEightByteExtendedLengthField);
564 extendedPayloadLengthSize = 8;
566 if (bufferEnd - p < extendedPayloadLengthSize)
567 return FrameIncomplete;
569 for (int i = 0; i < extendedPayloadLengthSize; ++i) {
570 payloadLength64 <<= 8;
571 payloadLength64 |= static_cast<unsigned char>(*p++);
575 // FIXME: UINT64_C(0x7FFFFFFFFFFFFFFF) should be used but it did not compile on Qt bots.
577 static const uint64_t maxPayloadLength = 0x7FFFFFFFFFFFFFFFui64;
579 static const uint64_t maxPayloadLength = 0x7FFFFFFFFFFFFFFFull;
581 size_t maskingKeyLength = masked ? maskingKeyWidthInBytes : 0;
582 if (payloadLength64 > maxPayloadLength || payloadLength64 + maskingKeyLength > numeric_limits<size_t>::max()) {
583 fail("WebSocket frame length too large: " + String::number(payloadLength64) + " bytes");
586 size_t payloadLength = static_cast<size_t>(payloadLength64);
588 if (static_cast<size_t>(bufferEnd - p) < maskingKeyLength + payloadLength)
589 return FrameIncomplete;
592 const char* maskingKey = p;
593 char* payload = const_cast<char*>(p + maskingKeyWidthInBytes);
594 for (size_t i = 0; i < payloadLength; ++i)
595 payload[i] ^= maskingKey[i % maskingKeyWidthInBytes]; // Unmask the payload.
598 frame.opCode = opCode;
600 frame.reserved1 = reserved1;
601 frame.reserved2 = reserved2;
602 frame.reserved3 = reserved3;
603 frame.masked = masked;
604 frame.payload = p + maskingKeyLength;
605 frame.payloadLength = payloadLength;
606 frame.frameEnd = p + maskingKeyLength + payloadLength;
610 bool WebSocketChannel::processFrame()
615 if (parseFrame(frame) != FrameOK)
618 // Validate the frame data.
619 if (isReservedOpCode(frame.opCode)) {
620 fail("Unrecognized frame opcode: " + String::number(frame.opCode));
624 if (frame.reserved1 || frame.reserved2 || frame.reserved3) {
625 fail("One or more reserved bits are on: reserved1 = " + String::number(frame.reserved1) + ", reserved2 = " + String::number(frame.reserved2) + ", reserved3 = " + String::number(frame.reserved3));
629 // All control frames must not be fragmented.
630 if (isControlOpCode(frame.opCode) && !frame.final) {
631 fail("Received fragmented control frame: opcode = " + String::number(frame.opCode));
635 // All control frames must have a payload of 125 bytes or less, which means the frame must not contain
636 // the "extended payload length" field.
637 if (isControlOpCode(frame.opCode) && frame.payloadLength > maxPayloadLengthWithoutExtendedLengthField) {
638 fail("Received control frame having too long payload: " + String::number(frame.payloadLength) + " bytes");
642 // A new data frame is received before the previous continuous frame finishes.
643 // Note that control frames are allowed to come in the middle of continuous frames.
644 if (m_hasContinuousFrame && frame.opCode != OpCodeContinuation && !isControlOpCode(frame.opCode)) {
645 fail("Received new data frame but previous continuous frame is unfinished.");
649 switch (frame.opCode) {
650 case OpCodeContinuation:
651 // An unexpected continuation frame is received without any leading frame.
652 if (!m_hasContinuousFrame) {
653 fail("Received unexpected continuation frame.");
656 m_continuousFrameData.append(frame.payload, frame.payloadLength);
657 skipBuffer(frame.frameEnd - m_buffer);
659 // onmessage handler may eventually call the other methods of this channel,
660 // so we should pretend that we have finished to read this frame and
661 // make sure that the member variables are in a consistent state before
662 // the handler is invoked.
663 // Vector<char>::swap() is used here to clear m_continuousFrameData.
664 OwnPtr<Vector<char> > continuousFrameData = adoptPtr(new Vector<char>);
665 m_continuousFrameData.swap(*continuousFrameData);
666 m_hasContinuousFrame = false;
667 if (m_continuousFrameOpCode == OpCodeText) {
669 if (continuousFrameData->size())
670 message = String::fromUTF8(continuousFrameData->data(), continuousFrameData->size());
673 if (message.isNull())
674 fail("Could not decode a text frame as UTF-8.");
676 m_client->didReceiveMessage(message);
677 } else if (m_continuousFrameOpCode == OpCodeBinary)
678 m_client->didReceiveBinaryData(continuousFrameData.release());
685 if (frame.payloadLength)
686 message = String::fromUTF8(frame.payload, frame.payloadLength);
689 skipBuffer(frame.frameEnd - m_buffer);
690 if (message.isNull())
691 fail("Could not decode a text frame as UTF-8.");
693 m_client->didReceiveMessage(message);
695 m_hasContinuousFrame = true;
696 m_continuousFrameOpCode = OpCodeText;
697 ASSERT(m_continuousFrameData.isEmpty());
698 m_continuousFrameData.append(frame.payload, frame.payloadLength);
699 skipBuffer(frame.frameEnd - m_buffer);
705 OwnPtr<Vector<char> > binaryData = adoptPtr(new Vector<char>(frame.payloadLength));
706 memcpy(binaryData->data(), frame.payload, frame.payloadLength);
707 skipBuffer(frame.frameEnd - m_buffer);
708 m_client->didReceiveBinaryData(binaryData.release());
710 m_hasContinuousFrame = true;
711 m_continuousFrameOpCode = OpCodeBinary;
712 ASSERT(m_continuousFrameData.isEmpty());
713 m_continuousFrameData.append(frame.payload, frame.payloadLength);
714 skipBuffer(frame.frameEnd - m_buffer);
719 if (frame.payloadLength >= 2) {
720 unsigned char highByte = static_cast<unsigned char>(frame.payload[0]);
721 unsigned char lowByte = static_cast<unsigned char>(frame.payload[1]);
722 m_closeEventCode = highByte << 8 | lowByte;
724 m_closeEventCode = CloseEventCodeNoStatusRcvd;
725 if (frame.payloadLength >= 3)
726 m_closeEventReason = String::fromUTF8(&frame.payload[2], frame.payloadLength - 2);
728 m_closeEventReason = "";
729 skipBuffer(frame.frameEnd - m_buffer);
730 m_receivedClosingHandshake = true;
731 startClosingHandshake(m_closeEventCode, m_closeEventReason);
733 m_outgoingFrameQueueStatus = OutgoingFrameQueueClosing;
734 processOutgoingFrameQueue();
739 enqueueRawFrame(OpCodePong, frame.payload, frame.payloadLength);
740 skipBuffer(frame.frameEnd - m_buffer);
744 // A server may send a pong in response to our ping, or an unsolicited pong which is not associated with
745 // any specific ping. Either way, there's nothing to do on receipt of pong.
746 skipBuffer(frame.frameEnd - m_buffer);
750 ASSERT_NOT_REACHED();
751 skipBuffer(frame.frameEnd - m_buffer);
758 bool WebSocketChannel::processFrameHixie76()
760 const char* nextFrame = m_buffer;
761 const char* p = m_buffer;
762 const char* end = p + m_bufferSize;
764 unsigned char frameByte = static_cast<unsigned char>(*p++);
765 if ((frameByte & 0x80) == 0x80) {
767 bool errorFrame = false;
768 bool lengthFinished = false;
770 if (length > numeric_limits<size_t>::max() / 128) {
771 LOG(Network, "frame length overflow %lu", static_cast<unsigned long>(length));
775 size_t newLength = length * 128;
776 unsigned char msgByte = static_cast<unsigned char>(*p);
777 unsigned int lengthMsgByte = msgByte & 0x7f;
778 if (newLength > numeric_limits<size_t>::max() - lengthMsgByte) {
779 LOG(Network, "frame length overflow %lu+%u", static_cast<unsigned long>(newLength), lengthMsgByte);
783 newLength += lengthMsgByte;
784 if (newLength < length) { // sanity check
785 LOG(Network, "frame length integer wrap %lu->%lu", static_cast<unsigned long>(length), static_cast<unsigned long>(newLength));
791 if (!(msgByte & 0x80)) {
792 lengthFinished = true;
796 if (!errorFrame && !lengthFinished)
798 if (p + length < p) {
799 LOG(Network, "frame buffer pointer wrap %p+%lu->%p", p, static_cast<unsigned long>(length), p + length);
803 skipBuffer(m_bufferSize); // Save memory.
804 m_shouldDiscardReceivedData = true;
805 m_client->didReceiveMessageError();
806 fail("WebSocket frame length too large");
809 ASSERT(p + length >= p);
810 if (p + length <= end) {
813 ASSERT(nextFrame > m_buffer);
814 skipBuffer(nextFrame - m_buffer);
815 if (frameByte == 0xff && !length) {
816 m_receivedClosingHandshake = true;
817 startClosingHandshake(CloseEventCodeNotSpecified, "");
819 m_handle->close(); // close after sending FF 00.
821 m_client->didReceiveMessageError();
827 const char* msgStart = p;
828 while (p < end && *p != '\xff')
830 if (p < end && *p == '\xff') {
831 int msgLength = p - msgStart;
834 if (frameByte == 0x00) {
835 String msg = String::fromUTF8(msgStart, msgLength);
836 skipBuffer(nextFrame - m_buffer);
837 m_client->didReceiveMessage(msg);
839 skipBuffer(nextFrame - m_buffer);
840 m_client->didReceiveMessageError();
847 void WebSocketChannel::enqueueTextFrame(const String& string)
849 ASSERT(!m_useHixie76Protocol);
850 ASSERT(m_outgoingFrameQueueStatus == OutgoingFrameQueueOpen);
851 OwnPtr<QueuedFrame> frame = adoptPtr(new QueuedFrame);
852 frame->opCode = OpCodeText;
853 frame->frameType = QueuedFrameTypeString;
854 frame->stringData = string;
855 m_outgoingFrameQueue.append(frame.release());
856 processOutgoingFrameQueue();
859 void WebSocketChannel::enqueueRawFrame(OpCode opCode, const char* data, size_t dataLength)
861 ASSERT(!m_useHixie76Protocol);
862 ASSERT(m_outgoingFrameQueueStatus == OutgoingFrameQueueOpen);
863 OwnPtr<QueuedFrame> frame = adoptPtr(new QueuedFrame);
864 frame->opCode = opCode;
865 frame->frameType = QueuedFrameTypeVector;
866 frame->vectorData.resize(dataLength);
868 memcpy(frame->vectorData.data(), data, dataLength);
869 m_outgoingFrameQueue.append(frame.release());
870 processOutgoingFrameQueue();
873 void WebSocketChannel::enqueueBlobFrame(OpCode opCode, const Blob& blob)
875 ASSERT(!m_useHixie76Protocol);
876 ASSERT(m_outgoingFrameQueueStatus == OutgoingFrameQueueOpen);
877 OwnPtr<QueuedFrame> frame = adoptPtr(new QueuedFrame);
878 frame->opCode = opCode;
879 frame->frameType = QueuedFrameTypeBlob;
880 frame->blobData = Blob::create(blob.url(), blob.type(), blob.size());
881 m_outgoingFrameQueue.append(frame.release());
882 processOutgoingFrameQueue();
885 void WebSocketChannel::processOutgoingFrameQueue()
887 ASSERT(!m_useHixie76Protocol);
888 if (m_outgoingFrameQueueStatus == OutgoingFrameQueueClosed)
891 while (!m_outgoingFrameQueue.isEmpty()) {
892 OwnPtr<QueuedFrame> frame = m_outgoingFrameQueue.takeFirst();
893 switch (frame->frameType) {
894 case QueuedFrameTypeString: {
895 CString utf8 = frame->stringData.utf8();
896 if (!sendFrame(frame->opCode, utf8.data(), utf8.length()))
897 fail("Failed to send WebSocket frame.");
901 case QueuedFrameTypeVector:
902 if (!sendFrame(frame->opCode, frame->vectorData.data(), frame->vectorData.size()))
903 fail("Failed to send WebSocket frame.");
906 case QueuedFrameTypeBlob: {
908 switch (m_blobLoaderStatus) {
909 case BlobLoaderNotStarted:
910 ref(); // Will be derefed after didFinishLoading() or didFail().
911 ASSERT(!m_blobLoader);
912 m_blobLoader = adoptPtr(new FileReaderLoader(FileReaderLoader::ReadAsArrayBuffer, this));
913 m_blobLoaderStatus = BlobLoaderStarted;
914 m_blobLoader->start(m_context, frame->blobData.get());
915 m_outgoingFrameQueue.prepend(frame.release());
918 case BlobLoaderStarted:
919 case BlobLoaderFailed:
920 m_outgoingFrameQueue.prepend(frame.release());
923 case BlobLoaderFinished: {
924 RefPtr<ArrayBuffer> result = m_blobLoader->arrayBufferResult();
925 m_blobLoader.clear();
926 m_blobLoaderStatus = BlobLoaderNotStarted;
927 if (!sendFrame(frame->opCode, static_cast<const char*>(result->data()), result->byteLength()))
928 fail("Failed to send WebSocket frame.");
933 fail("FileReader is not available. Could not send a Blob as WebSocket binary message.");
939 ASSERT_NOT_REACHED();
944 ASSERT(m_outgoingFrameQueue.isEmpty());
945 if (m_outgoingFrameQueueStatus == OutgoingFrameQueueClosing) {
946 m_outgoingFrameQueueStatus = OutgoingFrameQueueClosed;
951 void WebSocketChannel::abortOutgoingFrameQueue()
953 ASSERT(!m_useHixie76Protocol);
954 m_outgoingFrameQueue.clear();
955 m_outgoingFrameQueueStatus = OutgoingFrameQueueClosed;
957 if (m_blobLoaderStatus == BlobLoaderStarted) {
958 m_blobLoader->cancel();
959 didFail(FileError::ABORT_ERR);
964 bool WebSocketChannel::sendFrame(OpCode opCode, const char* data, size_t dataLength)
967 ASSERT(!m_suspended);
970 ASSERT(!(opCode & ~opCodeMask)); // Checks whether "opCode" fits in the range of opCodes.
971 frame.append(finalBit | opCode);
972 if (dataLength <= maxPayloadLengthWithoutExtendedLengthField)
973 frame.append(maskBit | dataLength);
974 else if (dataLength <= 0xFFFF) {
975 frame.append(maskBit | payloadLengthWithTwoByteExtendedLengthField);
976 frame.append((dataLength & 0xFF00) >> 8);
977 frame.append(dataLength & 0xFF);
979 frame.append(maskBit | payloadLengthWithEightByteExtendedLengthField);
980 char extendedPayloadLength[8];
981 size_t remaining = dataLength;
982 // Fill the length into extendedPayloadLength in the network byte order.
983 for (int i = 0; i < 8; ++i) {
984 extendedPayloadLength[7 - i] = remaining & 0xFF;
988 frame.append(extendedPayloadLength, 8);
992 size_t maskingKeyStart = frame.size();
993 frame.grow(frame.size() + maskingKeyWidthInBytes); // Add placeholder for masking key. Will be overwritten.
994 size_t payloadStart = frame.size();
995 frame.append(data, dataLength);
997 cryptographicallyRandomValues(frame.data() + maskingKeyStart, maskingKeyWidthInBytes);
998 for (size_t i = 0; i < dataLength; ++i)
999 frame[payloadStart + i] ^= frame[maskingKeyStart + i % maskingKeyWidthInBytes];
1001 return m_handle->send(frame.data(), frame.size());
1004 bool WebSocketChannel::sendFrameHixie76(const char* data, size_t dataLength)
1007 ASSERT(!m_suspended);
1010 frame.append('\0'); // Frame type.
1011 frame.append(data, dataLength);
1012 frame.append('\xff'); // Frame end.
1013 return m_handle->send(frame.data(), frame.size());
1016 } // namespace WebCore
1018 #endif // ENABLE(WEB_SOCKETS)