Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
debugger: validate sec-websocket-accept response header
This addresses a TODO to validate that the sec-websocket-accept header in the WebSocket handshake response is valid. To do this we need to append the WebSocket GUID to the original key sent in sec-websocket-key, sha1 hash it, and then compare the base64 encoding with the value sent in the sec-websocket-accept response header. If they don't match, an error is thrown. PR-URL: #39357 Refs: nodejs/node-inspect#93 Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
- Loading branch information