|
@@ -2,7 +2,6 @@ package irc
|
2
|
2
|
|
3
|
3
|
import (
|
4
|
4
|
"github.com/gorilla/websocket"
|
5
|
|
- "net"
|
6
|
5
|
"net/http"
|
7
|
6
|
"time"
|
8
|
7
|
)
|
|
@@ -10,56 +9,38 @@ import (
|
10
|
9
|
var upgrader = websocket.Upgrader{
|
11
|
10
|
ReadBufferSize: 1024,
|
12
|
11
|
WriteBufferSize: 1024,
|
13
|
|
- /* If a WS session contains sensitive information, and you choose to use
|
14
|
|
- cookies for authentication (during the HTTP(S) upgrade request), then
|
15
|
|
- you should check that Origin is a domain under your control. If it
|
16
|
|
- isn't, then it is possible for users of your site, visiting a naughty
|
17
|
|
- Origin, to have a WS opened using their credentials. See
|
18
|
|
- http://www.christian-schneider.net/CrossSiteWebSocketHijacking.html#main.
|
19
|
|
- We don't care about Origin because the (IRC) authentication is contained
|
20
|
|
- in the WS stream -- the WS session is not privileged when it is opened.
|
21
|
|
- */
|
|
12
|
+ // If a WS session contains sensitive information, and you choose to use
|
|
13
|
+ // cookies for authentication (during the HTTP(S) upgrade request), then
|
|
14
|
+ // you should check that Origin is a domain under your control. If it
|
|
15
|
+ // isn't, then it is possible for users of your site, visiting a naughty
|
|
16
|
+ // Origin, to have a WS opened using their credentials. See
|
|
17
|
+ // http://www.christian-schneider.net/CrossSiteWebSocketHijacking.html#main.
|
|
18
|
+ // We don't care about Origin because the (IRC) authentication is contained
|
|
19
|
+ // in the WS stream -- the WS session is not privileged when it is opened.
|
22
|
20
|
CheckOrigin: func(r *http.Request) bool { return true },
|
23
|
21
|
}
|
24
|
22
|
|
25
|
23
|
type WSContainer struct {
|
26
|
|
- conn *websocket.Conn
|
27
|
|
-}
|
28
|
|
-
|
29
|
|
-func (this WSContainer) Close() error {
|
30
|
|
- return this.conn.Close()
|
31
|
|
-}
|
32
|
|
-
|
33
|
|
-func (this WSContainer) LocalAddr() net.Addr {
|
34
|
|
- return this.conn.LocalAddr()
|
35
|
|
-}
|
36
|
|
-
|
37
|
|
-func (this WSContainer) RemoteAddr() net.Addr {
|
38
|
|
- return this.conn.RemoteAddr()
|
|
24
|
+ *websocket.Conn
|
39
|
25
|
}
|
40
|
26
|
|
41
|
27
|
func (this WSContainer) Read(msg []byte) (int, error) {
|
42
|
|
- _, tmp, err := this.conn.ReadMessage()
|
43
|
|
- str := (string)(tmp)
|
44
|
|
- n := copy(msg, ([]byte)(str+CRLF+CRLF))
|
45
|
|
- return n, err
|
|
28
|
+ ty, bytes, err := this.ReadMessage()
|
|
29
|
+ if ty == websocket.TextMessage {
|
|
30
|
+ n := copy(msg, []byte(string(bytes)+CRLF+CRLF))
|
|
31
|
+ return n, err
|
|
32
|
+ }
|
|
33
|
+ // Binary, and other kinds of messages, are thrown away.
|
|
34
|
+ return 0, nil
|
46
|
35
|
}
|
47
|
36
|
|
48
|
37
|
func (this WSContainer) Write(msg []byte) (int, error) {
|
49
|
|
- err := this.conn.WriteMessage(1, msg)
|
|
38
|
+ err := this.WriteMessage(websocket.TextMessage, msg)
|
50
|
39
|
return len(msg), err
|
51
|
40
|
}
|
52
|
41
|
|
53
|
42
|
func (this WSContainer) SetDeadline(t time.Time) error {
|
54
|
|
- err := this.conn.SetWriteDeadline(t)
|
55
|
|
- err = this.conn.SetReadDeadline(t)
|
|
43
|
+ err := this.SetWriteDeadline(t)
|
|
44
|
+ err = this.SetReadDeadline(t)
|
56
|
45
|
return err
|
57
|
46
|
}
|
58
|
|
-
|
59
|
|
-func (this WSContainer) SetReadDeadline(t time.Time) error {
|
60
|
|
- return this.conn.SetReadDeadline(t)
|
61
|
|
-}
|
62
|
|
-
|
63
|
|
-func (this WSContainer) SetWriteDeadline(t time.Time) error {
|
64
|
|
- return this.conn.SetWriteDeadline(t)
|
65
|
|
-}
|