[Webkit-unassigned] [Bug 32249] WebSocket test server handshake is not strict enough
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Dec 16 00:13:36 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=32249
--- Comment #12 from Alexey Proskuryakov <ap at webkit.org> 2009-12-16 00:13:35 PST ---
> Two reasons:
> - pywebsocket is for general (although experimental) use, and
> generally speaking, the receiver of data should be lenient.
> The order of headers is minor enough to tolerate, in my opinion.
> - strict checking is difficult to enforce in the Apache module version
> of pywebsocket, and we want to keep the behavior as consistent as
> possible.
The specification has MUST level requirements for strict checking, so any
implementation that is lenient is automatically non-conforming. This is even
more important in general use than in testing.
If it's not practically feasible to achieve the level of strictness required by
the spec due to Apache limitations, please bring this up on IETF hybi mailing
list - the protocol may need to be changed to achieve its security goals by
other means.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list