[Qemu-devel] [PATCH] io: use case insensitive check for Connection & Upgrade websock headers

Daniel P. Berrange posted 1 patch 6 years, 6 months ago
Failed in applying to current master (apply log)
io/channel-websock.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
[Qemu-devel] [PATCH] io: use case insensitive check for Connection & Upgrade websock headers
Posted by Daniel P. Berrange 6 years, 6 months ago
When checking the value of the Connection and Upgrade HTTP headers
the websock RFC (6455) requires the comparison to be case insensitive.
The Connection value should be an exact match not a substring.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
 io/channel-websock.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/io/channel-websock.c b/io/channel-websock.c
index 463c04b0aa..abb2470146 100644
--- a/io/channel-websock.c
+++ b/io/channel-websock.c
@@ -427,12 +427,12 @@ static void qio_channel_websock_handshake_process(QIOChannelWebsock *ioc,
         goto bad_request;
     }
 
-    if (!g_strrstr(connection, QIO_CHANNEL_WEBSOCK_CONNECTION_UPGRADE)) {
+    if (strcasecmp(connection, QIO_CHANNEL_WEBSOCK_CONNECTION_UPGRADE) != 0) {
         error_setg(errp, "No connection upgrade requested '%s'", connection);
         goto bad_request;
     }
 
-    if (!g_str_equal(upgrade, QIO_CHANNEL_WEBSOCK_UPGRADE_WEBSOCKET)) {
+    if (strcasecmp(upgrade, QIO_CHANNEL_WEBSOCK_UPGRADE_WEBSOCKET) != 0) {
         error_setg(errp, "Incorrect upgrade method '%s'", upgrade);
         goto bad_request;
     }
-- 
2.13.5


Re: [Qemu-devel] [PATCH] io: use case insensitive check for Connection & Upgrade websock headers
Posted by Eric Blake 6 years, 6 months ago
On 09/06/2017 08:58 AM, Daniel P. Berrange wrote:
> When checking the value of the Connection and Upgrade HTTP headers
> the websock RFC (6455) requires the comparison to be case insensitive.
> The Connection value should be an exact match not a substring.
> 
> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> ---
>  io/channel-websock.c | 4 ++--

Reviewed-by: Eric Blake <eblake@redhat.com>

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org