info.origin and info.req.headers.host issue in verifyClient after upgrade ws from 1.1.4 to 3.3.3

[rutanika]

Hello,

After we upgraded ws from 1.1.4 to 3.3.3 and did the adjustment as suggested in #1099, we get different behaviour in verifyClient.
We recognized that in verifyClient info.origin comes without port and info.req.headers.host comes with port 443.
Without the change both of them comes without the port.
Do you know what can be the reason for that?

Thanks,
Tali

node version: 6.0.0
platform: cf

[lpinca]

I'm not sure, info.origin is just a shortcut to req.headers['sec-websocket-origin'] or req.headers.origin depending on the protocol version.

Is the client a browser?

[rutanika]

req.headers['sec-websocket-version'] is 13, therefor origin is req.headers['origin']

[lpinca]

yes that's correct.

[rutanika]

right, but I still don't understand why req.headers['origin'] comes without port and info.req.headers.host comes with port 443 :)

[lpinca]

They are set by the client, are origin and host the same on 1.1.4? Is the client the same or are you using a different client?

[rutanika]

Yes, on 1.1.4 origin and host are the same.
The client is also the same. The only change is the version of ws and the adjustment for upgradeReq property.

[lpinca]

origin is the same on both 1.1.4 and 3.3.3, host is never touched so I don't really know.

Print info.req.headers and see if it is the same on both versions.

[rutanika]

I already printed it and saw that the host has port 443 in 3.3.3 and does not has port at all in 1.1.4.

I open this github issue only after I printed it and saw the difference.

[lpinca]

I cannot reproduce, here is my code.

const https = require('https');
const fs = require('fs');
const WebSocket = require('.');

const data = `<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
  </head>
  <body>
    <script>
      (function () {
        var ws = new WebSocket('wss://localhost');
      })();
    </script>
  </body>
</html>`;

const server = https.createServer({
  cert: fs.readFileSync('test/fixtures/certificate.pem'),
  key: fs.readFileSync('test/fixtures/key.pem')
});

server.on('request', (req, res) => {
  res.setHeader('Content-Type', 'text/html');
  res.end(data);
});

const wss = new WebSocket.Server({
  verifyClient (info) {
    console.log(info.origin);
    console.log(info.req.headers.host);
    return true;
  },
  server
});

wss.on('connection', (ws) => ws.close());

server.listen(443);

This prints the same stuff on both 1.1.4 and 3.3.3 using Chrome as client.

[lpinca]

@rutanika I've also tested it on Firefox and it works the same on both 1.1.4 and 3.3.3.
Are you able to write a test to reproduce the issue?

[lpinca]

Closing as I can't reproduce this, discussion can continue on the closed thread.

[rutanika]

Hi,
I will try to isolate the issue and create a standealone example that demonstrates what was done here.
Thanks,
Tali