Commit 6b6dc1cd3a

Kuwazy <70151472+Marzin-bot@users.noreply.github.com>
2025-03-25 15:00:50
Added check for HTTP version and GET method when upgrading WebSocket to comply with RFC 6455. (#23332)
master
1 parent e1c6af2
Changed files (1)
lib
std
http
WebSocket.zig
lib/std/http/WebSocket.zig
@@ -23,6 +23,11 @@ pub fn init(
     send_buffer: []u8,
     recv_buffer: []align(4) u8,
 ) InitError!bool {
+    switch (request.head.version) {
+        .@"HTTP/1.0" => return false,
+        .@"HTTP/1.1" => if (request.head.method != .GET) return false,
+    }
+
     var sec_websocket_key: ?[]const u8 = null;
     var upgrade_websocket: bool = false;
     var it = request.iterateHeaders();