[BUG] Websocket upgrades shouldn't be possible with POST requests.

[ItsWendell]

Upgrading a request to WebSockets should only be possible with GET requests. I verified this in production and took me a while to figure out that this was the thing that was going wrong. The following code sample shouldn't work.

        const res = await durableObject.fetch(
          `http://fake-host/events/messageSend?clientId=${ctx.message.id}`,
          {
            method: 'POST',
            headers: {
              Upgrade: 'websocket'
            },
          },
        )
        console.log('has WebSocket', typeof res?.webSocket !== "undefined");

Took me a while to figure out why my code wasn't working in production but was working with Miniflare. this was the reason. Will be great to have this fixed in miniflare.

I might be able to work on a PR this week. What are the preferences in terms of testing?

E.g. would a test called test("fetch: only performs web socket upgrade on GET requests") be ok?

In case I don't get round to it, I think it might be as simple as changing the following file: src/modules/standards.ts

before:

    // Handle web socket upgrades
    if (request.headers.get("upgrade") === "websocket") {

after:

    // Handle web socket upgrades, this should only for GET requests
    if (request.method === "GET" && request.headers.get("upgrade") === "websocket") {

[lukeed]

Yeah, as per the spec only GET requests can be upgraded

[mrbbot]

Just released version 1.4.0 with this fix. Please let me know if you have any other issues or feedback. 😄