diff --git a/.gitignore b/.gitignore index 36f6607..e3535d3 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ build/ /.tox .hypothesis .cache +.eggs diff --git a/daphne/http_protocol.py b/daphne/http_protocol.py index 8ae044c..1a3a065 100755 --- a/daphne/http_protocol.py +++ b/daphne/http_protocol.py @@ -350,8 +350,20 @@ class HTTPFactory(http.HTTPFactory): unknown_keys, ) ) + # Accepts allow bytes/text afterwards if message.get("accept", None) and protocol.state == protocol.STATE_CONNECTING: protocol.serverAccept() + # Rejections must be the only thing + if message.get("accept", None) == False and protocol.state == protocol.STATE_CONNECTING: + protocol.serverReject() + return + # You're only allowed one of bytes or text + if message.get("bytes", None) and message.get("text", None): + raise ValueError( + "Got invalid WebSocket reply message on %s - contains both bytes and text keys" % ( + channel, + ) + ) if message.get("bytes", None): protocol.serverSend(message["bytes"], True) if message.get("text", None): diff --git a/daphne/ws_protocol.py b/daphne/ws_protocol.py index 83008c8..61458e8 100755 --- a/daphne/ws_protocol.py +++ b/daphne/ws_protocol.py @@ -175,7 +175,7 @@ class WebSocketProtocol(WebSocketServerProtocol): def serverReject(self): """ - Called when we get a message saying to accept the connection. + Called when we get a message saying to reject the connection. """ self.handshake_deferred.errback(ConnectionDeny(code=403, reason="Access denied")) self.cleanup()