Adds a new allowed_hosts_only decorator and extensible base class to allow for checking the incoming Origin header on WebSocket requests, using the Django `ALLOWED_HOSTS` setting by default.
* made `WebSocketBridge._socket` public
We can provide a convenient way to hook custom behavior (such as debugging) by making the underlying `ReconnectingWebSocket` instance publicly available.
Also removed the undocumented `onopen` constructor option.
* recompile js
* Add support for relative urls in javascript wrapper
* recompile static file
* add js smoke test for relative urls
* update docs to show relative urls
* Add a new auth decorator to get the user and rehydrate the http session
* Add http_user_and_session, taking precedence over http_user, applying the channel_and_http_session_user_from_http decorator (a superset of http user functionality)
* Only set session cookies on the first send, since subsequent real requests don't have access to HTTP information
* Add a test for new http_user_and_session WebsocketConsumer attribute
* Fix isort check
Adds a WebSocket wrapper which is both publishable to npm and importable directly for use with staticfiles/etc. Also has a new build process to make the latter file.
* Webserver -> web server
This was flagged by my spell check, and indeed it's hard to find
spellings online without the space. The Oxford Dictionary only knows it
with a space, so I thought it's worth correcting.
* Attempt to clarify optional keys
I wasn't sure about how to treat keys marked optional. After having
spoken to Andrew, this is my attempt at clarifying. Improvements
welcome!
* Order of header values MUST be kept
Order for HTTP header values matters, both in request and responses. So
we must make sure that we're keeping it.
Request:
> Some headers, such as Accept-Language can be sent by clients as
> several headers each with a different value rather than sending the
> header as a comma separated list.
http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html#getHeaders%28java.lang.String%29
Response:
Set-Cookie may be present multiple times, and only the last given value
is to be used.
I'm updating the Daphne test to verify the order in my pull request
there.
* Clarify that headers is a list of lists
The wording for 'server'/'client' and 'headers' was very similar, and I
was unsure if clients may be a list of lists (in anticipation of
protocols supporting that). I hope this small tweak makes it clearer
that only headers is a list of lists.
Changes the strategy so that after a message has been put on the wait queue, it is then checked to see if it became the next message during this time and if so, immediately flushed. Will hopefully fix#451.
