https://issues.apache.org/bugzilla/show_bug.cgi?id=54709
Bug ID: 54709
Summary: Official schemes for WebSocket are "ws"/"wss";
WsWebSocketContainer only allows "http"/"https"
Product: Tomcat 8
Version: trunk
Hardware: All
OS: All
Status: NEW
Severity: critical
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: nicho...@nicholaswilliams.net
Classification: Unclassified
Created attachment 30056
--> https://issues.apache.org/bugzilla/attachment.cgi?id=30056&action=edit
Patch to address issue
According to the WebSocket specification RFC6455 [1], the official URI schemes
for the WebSocket protocol are "ws" and "wss." However,
o.a.t.websocket.WsWebSocketContainer#connectToServer(...) throws an exception
if anything other than "http" or "https" are specified. I agree with allowing
"http" and "https" for reasons of friendliness (although the correctness of
this could be debated; I did not address that in my patch), but "ws" and "wss"
should ALWAYS be allowed here.
Also, one should be allowed to specify a port for EITHER ws/http OR wss/https.
However, the way it was written, you could only specify a port for ws/http, and
wss/https always tried to use 443 (I understand that SSL wasn't fully
implemented here yet). Imagine the scenario where Tomcat is running on
8080/8443. You would need to specify 8443 as the wss/https port.
I have attached a patch that addresses these issues.
[1] http://tools.ietf.org/html/rfc6455#page-54
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
