django-websocket-redis icon indicating copy to clipboard operation
django-websocket-redis copied to clipboard
verified publisher icon jrief

KeyError: 'HTTP_SEC_WEBSOCKET_KEY'

Open cgabriel opened this issue 11 years ago • 9 comments

Hi,

I've deployed successfully django-websocket-redis, working fine. Good job!

The issue here are with certain client, specifically Safari on iOS 5.1 (which is claimed to support WebSockets) raise the error:

Traceback (most recent call last):

File "/usr/local/lib/python2.7/dist-packages/ws4redis/wsgi_server.py", line 72, in call websocket = self.upgrade_websocket(environ, start_response)

File "/usr/local/lib/python2.7/dist-packages/ws4redis/uwsgi_runserver.py", line 52, in upgrade_websocket uwsgi.websocket_handshake(environ['HTTP_SEC_WEBSOCKET_KEY'], environ.get('HTTP_ORIGIN', ''))

KeyError: 'HTTP_SEC_WEBSOCKET_KEY'

Request repr() unavailable.

Any hints? Deployed with uwsgi with gevent support, behing nginx.

I can reproduce the issue regularly with the ipad above..

Thanks.

cgabriel avatar Oct 10 '14 07:10 cgabriel

Interesting. We then should access the environ using environ.get('HTTP_SEC_WEBSOCKET_KEY') or just disable it for these kinds of clients. As far as I know, the HTTP-request header Sec-Websocket-Key is mandatory for as WS handshake, so, or Safari uses another name or it just can't do it.

jrief avatar Oct 10 '14 07:10 jrief

Looking around, seems that such version of Safari won't send the correct header, so I've to exclude/disable the feature for them. I'd really like to have ws4redis handle this, but in the mean time, do you have any suggestions to handle the issue nicely?

cgabriel avatar Oct 10 '14 08:10 cgabriel

Upgrade Safari? :)

Which iOS is it running on?

jrief avatar Oct 10 '14 08:10 jrief

It's not mine, it's a user of the web application.. it's an Ipad 1, with iOS 5.1.

Oddly, using such tablet on https://www.websocket.org/echo.html states that websockets are fully supported.

Upgrade, unfortunately, it's not possible on a such old device. Disabling the feature for them is fine anyway, so I'm handling it, but I think that ws4redis is the right place where to handle this kind of issues.

If I can help somehow, let me know!

cgabriel avatar Oct 10 '14 08:10 cgabriel

can I close this?

jrief avatar Oct 21 '14 21:10 jrief

Are there any solution to handle nicely the missing "HTTP_SEC_WEBSOCKET_KEY" from environ, maybe using get() method with a default?

cgabriel avatar Oct 23 '14 06:10 cgabriel

Nope, please read https://tools.ietf.org/html/rfc6455#section-11.3.1

I certainly will not introduce non-standard behavior as a workaround for broken clients.

jrief avatar Oct 23 '14 07:10 jrief

No one is asking for that, of course :) I'm just suggesting to handle the case that the HTTP_SEC_WEBSOCKET_KEY is missing, to raise a more specific exception, for example, rather than KeyError, to have it managed elsewhere.

cgabriel avatar Oct 23 '14 11:10 cgabriel

yes, this certainly.

jrief avatar Oct 23 '14 12:10 jrief