mirror of https://github.com/calzoneman/sync.git
Use socket.handshake instead of socket.client.request
Fixes a bug where sockets would be rejected if they connected directly with the 'websocket' transport instead of doing an AJAX connection with websocket upgrade (e.g. if `transports: ['websocket']` is passed to the socket.io-client constructor). See https://github.com/socketio/socket.io/blob/master/docs/API.md#sockethandshake
This commit is contained in:
parent
0b6106a89e
commit
95e147b5a0
|
@ -2,7 +2,7 @@
|
|||
"author": "Calvin Montgomery",
|
||||
"name": "CyTube",
|
||||
"description": "Online media synchronizer and chat",
|
||||
"version": "3.51.15",
|
||||
"version": "3.51.16",
|
||||
"repository": {
|
||||
"url": "http://github.com/calzoneman/sync"
|
||||
},
|
||||
|
|
|
@ -52,8 +52,12 @@ class IOServer {
|
|||
if (!socket.context) socket.context = {};
|
||||
|
||||
try {
|
||||
socket.handshake.connection = {
|
||||
remoteAddress: socket.handshake.address
|
||||
};
|
||||
|
||||
socket.context.ipAddress = proxyaddr(
|
||||
socket.client.request,
|
||||
socket.handshake,
|
||||
this.proxyTrustFn
|
||||
);
|
||||
|
||||
|
@ -159,7 +163,7 @@ class IOServer {
|
|||
|
||||
// Parse cookies
|
||||
cookieParsingMiddleware(socket, next) {
|
||||
const req = socket.request;
|
||||
const req = socket.handshake;
|
||||
if (req.headers.cookie) {
|
||||
cookieParser(req, null, () => next());
|
||||
} else {
|
||||
|
@ -172,7 +176,7 @@ class IOServer {
|
|||
// Determine session age from ip-session cookie
|
||||
// (Used for restricting chat)
|
||||
ipSessionCookieMiddleware(socket, next) {
|
||||
const cookie = socket.request.signedCookies['ip-session'];
|
||||
const cookie = socket.handshake.signedCookies['ip-session'];
|
||||
if (!cookie) {
|
||||
socket.context.ipSessionFirstSeen = new Date();
|
||||
next();
|
||||
|
@ -193,7 +197,7 @@ class IOServer {
|
|||
socket.context.aliases = [];
|
||||
|
||||
const promises = [];
|
||||
const auth = socket.request.signedCookies.auth;
|
||||
const auth = socket.handshake.signedCookies.auth;
|
||||
if (auth) {
|
||||
promises.push(verifySession(auth).then(user => {
|
||||
socket.context.user = Object.assign({}, user);
|
||||
|
|
|
@ -10,19 +10,13 @@ describe('IOServer', () => {
|
|||
context: {
|
||||
ipAddress: '9.9.9.9'
|
||||
},
|
||||
client: {
|
||||
request: {
|
||||
connection: {
|
||||
remoteAddress: '127.0.0.1'
|
||||
},
|
||||
headers: {
|
||||
'x-forwarded-for': '1.2.3.4'
|
||||
}
|
||||
handshake: {
|
||||
address: '127.0.0.1',
|
||||
headers: {
|
||||
'x-forwarded-for': '1.2.3.4'
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
socket.request = socket.client.request;
|
||||
});
|
||||
|
||||
describe('#ipProxyMiddleware', () => {
|
||||
|
@ -35,7 +29,7 @@ describe('IOServer', () => {
|
|||
});
|
||||
|
||||
it('does not proxy from a non-trusted address', done => {
|
||||
socket.client.request.connection.remoteAddress = '5.6.7.8';
|
||||
socket.handshake.address = '5.6.7.8';
|
||||
server.ipProxyMiddleware(socket, error => {
|
||||
assert(!error);
|
||||
assert.strictEqual(socket.context.ipAddress, '5.6.7.8');
|
||||
|
@ -128,18 +122,18 @@ describe('IOServer', () => {
|
|||
|
||||
describe('#cookieParsingMiddleware', () => {
|
||||
it('parses cookies', done => {
|
||||
socket.request.headers.cookie = 'flavor=chocolate%20chip';
|
||||
socket.handshake.headers.cookie = 'flavor=chocolate%20chip';
|
||||
|
||||
server.cookieParsingMiddleware(socket, () => {
|
||||
assert.strictEqual(socket.request.cookies.flavor, 'chocolate chip');
|
||||
assert.strictEqual(socket.handshake.cookies.flavor, 'chocolate chip');
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('defaults to empty objects if no cookies', done => {
|
||||
server.cookieParsingMiddleware(socket, () => {
|
||||
assert.deepStrictEqual(socket.request.cookies, {});
|
||||
assert.deepStrictEqual(socket.request.signedCookies, {});
|
||||
assert.deepStrictEqual(socket.handshake.cookies, {});
|
||||
assert.deepStrictEqual(socket.handshake.signedCookies, {});
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
|
Loading…
Reference in New Issue