Deployed 461a645 with MkDocs version: 1.1.2

2020-12-18 06:42:58 +00:00 · 2020-12-18 06:42:58 +00:00 · 6a2c9a7dbe
commit 6a2c9a7dbe
parent 28cd2bade2
6 changed files with 71 additions and 11 deletions
--- a/CHANGELOG/index.html
+++ b/CHANGELOG/index.html
@ -98,6 +98,10 @@
            
            <li class="nav-item" data-level="1"><a href="#changelog" class="nav-link">Changelog</a>
              <ul class="nav flex-column">
+            <li class="nav-item" data-level="2"><a href="#1105-2020-12-17" class="nav-link">[11.0.5] - 2020-12-17</a>
+              <ul class="nav flex-column">
+              </ul>
+            </li>
            <li class="nav-item" data-level="2"><a href="#1104-2020-11-16" class="nav-link">[11.0.4] - 2020-11-16</a>
              <ul class="nav flex-column">
              </ul>
@ -1099,6 +1103,10 @@

 <h1 id="changelog">Changelog</h1>
 <p>All changes to this project will be documented in this file.</p>
+<h2 id="1105-2020-12-17">[11.0.5] - 2020-12-17</h2>
+<p>(ws) Implement simple header based websocket authorization technique to reject
+client which do not supply a certain header ("Authorization") with a special
+value (see doc).</p>
 <h2 id="1104-2020-11-16">[11.0.4] - 2020-11-16</h2>
 <p>(ixwebsocket) Handle EINTR return code in ix::poll and IXSelectInterrupt</p>
 <h2 id="1103-2020-11-16">[11.0.3] - 2020-11-16</h2>
--- a/index.html
+++ b/index.html
@ -264,5 +264,5 @@ webSocket.send(&quot;hello world&quot;);

 <!--
 MkDocs version : 1.1.2
-Build Date UTC : 2020-11-17 00:14:21.282411+00:00
+Build Date UTC : 2020-12-18 06:42:58.789529+00:00
 -->
--- a/search/search_index.json
+++ b/search/search_index.json
--- a/sitemap.xml
+++ b/sitemap.xml
@ -1,39 +1,39 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"><url>
     <loc>None</loc>
-     <lastmod>2020-11-17</lastmod>
+     <lastmod>2020-12-18</lastmod>
     <changefreq>daily</changefreq>
    </url><url>
     <loc>None</loc>
-     <lastmod>2020-11-17</lastmod>
+     <lastmod>2020-12-18</lastmod>
     <changefreq>daily</changefreq>
    </url><url>
     <loc>None</loc>
-     <lastmod>2020-11-17</lastmod>
+     <lastmod>2020-12-18</lastmod>
     <changefreq>daily</changefreq>
    </url><url>
     <loc>None</loc>
-     <lastmod>2020-11-17</lastmod>
+     <lastmod>2020-12-18</lastmod>
     <changefreq>daily</changefreq>
    </url><url>
     <loc>None</loc>
-     <lastmod>2020-11-17</lastmod>
+     <lastmod>2020-12-18</lastmod>
     <changefreq>daily</changefreq>
    </url><url>
     <loc>None</loc>
-     <lastmod>2020-11-17</lastmod>
+     <lastmod>2020-12-18</lastmod>
     <changefreq>daily</changefreq>
    </url><url>
     <loc>None</loc>
-     <lastmod>2020-11-17</lastmod>
+     <lastmod>2020-12-18</lastmod>
     <changefreq>daily</changefreq>
    </url><url>
     <loc>None</loc>
-     <lastmod>2020-11-17</lastmod>
+     <lastmod>2020-12-18</lastmod>
     <changefreq>daily</changefreq>
    </url><url>
     <loc>None</loc>
-     <lastmod>2020-11-17</lastmod>
+     <lastmod>2020-12-18</lastmod>
     <changefreq>daily</changefreq>
    </url>
 </urlset>
--- a/sitemap.xml.gz
+++ b/sitemap.xml.gz
--- a/ws/index.html
+++ b/ws/index.html
@ -111,6 +111,11 @@
              </ul>
            </li>
            
+            <li class="nav-item" data-level="2"><a href="#echo-server" class="nav-link">echo server</a>
+              <ul class="nav flex-column">
+              </ul>
+            </li>
+            
            <li class="nav-item" data-level="2"><a href="#websocket-proxy" class="nav-link">Websocket proxy</a>
              <ul class="nav flex-column">
              </ul>
@ -311,6 +316,53 @@ Sec-WebSocket-Extensions: permessage-deflate; server_max_window_bits=15; client_
 Server: Python/3.7 websockets/8.0.2
 Upgrade: websocket
 </code></pre>
+<p>It is possible to pass custom HTTP header when doing the connection handshake,
+the remote server might process them to implement a simple authorization
+scheme.</p>
+<pre><code>src$ ws connect -H Authorization:supersecret ws://localhost:8008
+Type Ctrl-D to exit prompt...
+[2020-12-17 22:35:08.732] [info] Authorization: supersecret
+Connecting to url: ws://localhost:8008
+&gt; [2020-12-17 22:35:08.736] [info] ws_connect: connected
+[2020-12-17 22:35:08.736] [info] Uri: /
+[2020-12-17 22:35:08.736] [info] Headers:
+[2020-12-17 22:35:08.736] [info] Connection: Upgrade
+[2020-12-17 22:35:08.736] [info] Sec-WebSocket-Accept: 2yaTFcdwn8KL6IzSMj2u6Le7KTg=
+[2020-12-17 22:35:08.736] [info] Sec-WebSocket-Extensions: permessage-deflate; server_max_window_bits=15; client_max_window_bits=15
+[2020-12-17 22:35:08.736] [info] Server: ixwebsocket/11.0.4 macos ssl/SecureTransport zlib 1.2.11
+[2020-12-17 22:35:08.736] [info] Upgrade: websocket
+[2020-12-17 22:35:08.736] [info] Received 25 bytes
+ws_connect: received message: Authorization suceeded!
+[2020-12-17 22:35:08.736] [info] Received pong ixwebsocket::heartbeat::30s::0
+hello
+&gt; [2020-12-17 22:35:25.157] [info] Received 7 bytes
+ws_connect: received message: hello
+</code></pre>
+<p>If the wrong header is passed in, the server would close the connection with a custom close code (&gt;4000, and &lt;4999).</p>
+<pre><code>[2020-12-17 22:39:37.044] [info] Upgrade: websocket
+ws_connect: connection closed: code 4001 reason Permission denied
+</code></pre>
+<h2 id="echo-server">echo server</h2>
+<p>The ws echo server will respond what the client just sent him. If we use the
+simple --http_authorization_header we can enforce that client need to pass a
+special value in the Authorization header to connect.</p>
+<pre><code>$ ws echo_server --http_authorization_header supersecret
+[2020-12-17 22:35:06.192] [info] Listening on 127.0.0.1:8008
+[2020-12-17 22:35:08.735] [info] New connection
+[2020-12-17 22:35:08.735] [info] remote ip: 127.0.0.1
+[2020-12-17 22:35:08.735] [info] id: 0
+[2020-12-17 22:35:08.735] [info] Uri: /
+[2020-12-17 22:35:08.735] [info] Headers:
+[2020-12-17 22:35:08.735] [info] Authorization: supersecret
+[2020-12-17 22:35:08.735] [info] Connection: Upgrade
+[2020-12-17 22:35:08.735] [info] Host: localhost:8008
+[2020-12-17 22:35:08.735] [info] Sec-WebSocket-Extensions: permessage-deflate; server_max_window_bits=15; client_max_window_bits=15
+[2020-12-17 22:35:08.735] [info] Sec-WebSocket-Key: eFF2Gf25dC7eC15Ab1135G==
+[2020-12-17 22:35:08.735] [info] Sec-WebSocket-Version: 13
+[2020-12-17 22:35:08.735] [info] Upgrade: websocket
+[2020-12-17 22:35:08.735] [info] User-Agent: ixwebsocket/11.0.4 macos ssl/SecureTransport zlib 1.2.11
+[2020-12-17 22:35:25.157] [info] Received 7 bytes
+</code></pre>
 <h2 id="websocket-proxy">Websocket proxy</h2>
 <pre><code>ws proxy_server --remote_host ws://127.0.0.1:9000 -v
 Listening on 127.0.0.1:8008