mahdihty
/
liwo_socket
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
3 Branches
0 Tags
13 MiB
Tree: 1f2b40ae28
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1f2b40ae28'
${ noResults }
liwo_socket/node_modules/engine.io/lib/server.js

587 lines
15 KiB
Raw Normal View History

init commit
4 years ago
  2. /**
  3. * Module dependencies.
  4. */
  6. var qs = require('querystring');
  7. var parse = require('url').parse;
  8. var base64id = require('base64id');
  9. var transports = require('./transports');
  10. var EventEmitter = require('events').EventEmitter;
  11. var Socket = require('./socket');
  12. var util = require('util');
  13. var debug = require('debug')('engine');
  14. var cookieMod = require('cookie');
  16. /**
  17. * Module exports.
  18. */
  20. module.exports = Server;
  22. /**
  23. * Server constructor.
  24. *
  25. * @param {Object} options
  26. * @api public
  27. */
  29. function Server (opts) {
  30. if (!(this instanceof Server)) {
  31. return new Server(opts);
  32. }
  34. this.clients = {};
  35. this.clientsCount = 0;
  37. opts = opts || {};
  39. this.wsEngine = opts.wsEngine || process.env.EIO_WS_ENGINE || 'ws';
  40. this.pingTimeout = opts.pingTimeout || 5000;
  41. this.pingInterval = opts.pingInterval || 25000;
  42. this.upgradeTimeout = opts.upgradeTimeout || 10000;
  43. this.maxHttpBufferSize = opts.maxHttpBufferSize || 10E7;
  44. this.transports = opts.transports || Object.keys(transports);
  45. this.allowUpgrades = false !== opts.allowUpgrades;
  46. this.allowRequest = opts.allowRequest;
  47. this.cookie = false !== opts.cookie ? (opts.cookie || 'io') : false;
  48. this.cookiePath = false !== opts.cookiePath ? (opts.cookiePath || '/') : false;
  49. this.cookieHttpOnly = false !== opts.cookieHttpOnly;
  50. this.perMessageDeflate = false !== opts.perMessageDeflate ? (opts.perMessageDeflate || true) : false;
  51. this.httpCompression = false !== opts.httpCompression ? (opts.httpCompression || {}) : false;
  52. this.initialPacket = opts.initialPacket;
  54. var self = this;
  56. // initialize compression options
  57. ['perMessageDeflate', 'httpCompression'].forEach(function (type) {
  58. var compression = self[type];
  59. if (true === compression) self[type] = compression = {};
  60. if (compression && null == compression.threshold) {
  61. compression.threshold = 1024;
  62. }
  63. });
  65. this.init();
  66. }
  68. /**
  69. * Protocol errors mappings.
  70. */
  72. Server.errors = {
  73. UNKNOWN_TRANSPORT: 0,
  74. UNKNOWN_SID: 1,
  75. BAD_HANDSHAKE_METHOD: 2,
  76. BAD_REQUEST: 3,
  77. FORBIDDEN: 4
  78. };
  80. Server.errorMessages = {
  81. 0: 'Transport unknown',
  82. 1: 'Session ID unknown',
  83. 2: 'Bad handshake method',
  84. 3: 'Bad request',
  85. 4: 'Forbidden'
  86. };
  88. /**
  89. * Inherits from EventEmitter.
  90. */
  92. util.inherits(Server, EventEmitter);
  94. /**
  95. * Initialize websocket server
  96. *
  97. * @api private
  98. */
  100. Server.prototype.init = function () {
  101. if (!~this.transports.indexOf('websocket')) return;
  103. if (this.ws) this.ws.close();
  105. // add explicit require for bundlers like webpack
  106. var wsModule = this.wsEngine === 'ws' ? require('ws') : require(this.wsEngine);
  107. this.ws = new wsModule.Server({
  108. noServer: true,
  109. clientTracking: false,
  110. perMessageDeflate: this.perMessageDeflate,
  111. maxPayload: this.maxHttpBufferSize
  112. });
  113. };
  115. /**
  116. * Returns a list of available transports for upgrade given a certain transport.
  117. *
  118. * @return {Array}
  119. * @api public
  120. */
  122. Server.prototype.upgrades = function (transport) {
  123. if (!this.allowUpgrades) return [];
  124. return transports[transport].upgradesTo || [];
  125. };
  127. /**
  128. * Verifies a request.
  129. *
  130. * @param {http.IncomingMessage}
  131. * @return {Boolean} whether the request is valid
  132. * @api private
  133. */
  135. Server.prototype.verify = function (req, upgrade, fn) {
  136. // transport check
  137. var transport = req._query.transport;
  138. if (!~this.transports.indexOf(transport)) {
  139. debug('unknown transport "%s"', transport);
  140. return fn(Server.errors.UNKNOWN_TRANSPORT, false);
  141. }
  143. // 'Origin' header check
  144. var isOriginInvalid = checkInvalidHeaderChar(req.headers.origin);
  145. if (isOriginInvalid) {
  146. req.headers.origin = null;
  147. debug('origin header invalid');
  148. return fn(Server.errors.BAD_REQUEST, false);
  149. }
  151. // sid check
  152. var sid = req._query.sid;
  153. if (sid) {
  154. if (!this.clients.hasOwnProperty(sid)) {
  155. debug('unknown sid "%s"', sid);
  156. return fn(Server.errors.UNKNOWN_SID, false);
  157. }
  158. if (!upgrade && this.clients[sid].transport.name !== transport) {
  159. debug('bad request: unexpected transport without upgrade');
  160. return fn(Server.errors.BAD_REQUEST, false);
  161. }
  162. } else {
  163. // handshake is GET only
  164. if ('GET' !== req.method) return fn(Server.errors.BAD_HANDSHAKE_METHOD, false);
  165. if (!this.allowRequest) return fn(null, true);
  166. return this.allowRequest(req, fn);
  167. }
  169. fn(null, true);
  170. };
  172. /**
  173. * Prepares a request by processing the query string.
  174. *
  175. * @api private
  176. */
  178. Server.prototype.prepare = function (req) {
  179. // try to leverage pre-existing `req._query` (e.g: from connect)
  180. if (!req._query) {
  181. req._query = ~req.url.indexOf('?') ? qs.parse(parse(req.url).query) : {};
  182. }
  183. };
  185. /**
  186. * Closes all clients.
  187. *
  188. * @api public
  189. */
  191. Server.prototype.close = function () {
  192. debug('closing all open clients');
  193. for (var i in this.clients) {
  194. if (this.clients.hasOwnProperty(i)) {
  195. this.clients[i].close(true);
  196. }
  197. }
  198. if (this.ws) {
  199. debug('closing webSocketServer');
  200. this.ws.close();
  201. // don't delete this.ws because it can be used again if the http server starts listening again
  202. }
  203. return this;
  204. };
  206. /**
  207. * Handles an Engine.IO HTTP request.
  208. *
  209. * @param {http.IncomingMessage} request
  210. * @param {http.ServerResponse|http.OutgoingMessage} response
  211. * @api public
  212. */
  214. Server.prototype.handleRequest = function (req, res) {
  215. debug('handling "%s" http request "%s"', req.method, req.url);
  216. this.prepare(req);
  217. req.res = res;
  219. var self = this;
  220. this.verify(req, false, function (err, success) {
  221. if (!success) {
  222. sendErrorMessage(req, res, err);
  223. return;
  224. }
  226. if (req._query.sid) {
  227. debug('setting new request for existing client');
  228. self.clients[req._query.sid].transport.onRequest(req);
  229. } else {
  230. self.handshake(req._query.transport, req);
  231. }
  232. });
  233. };
  235. /**
  236. * Sends an Engine.IO Error Message
  237. *
  238. * @param {http.ServerResponse} response
  239. * @param {code} error code
  240. * @api private
  241. */
  243. function sendErrorMessage (req, res, code) {
  244. var headers = { 'Content-Type': 'application/json' };
  246. var isForbidden = !Server.errorMessages.hasOwnProperty(code);
  247. if (isForbidden) {
  248. res.writeHead(403, headers);
  249. res.end(JSON.stringify({
  250. code: Server.errors.FORBIDDEN,
  251. message: code || Server.errorMessages[Server.errors.FORBIDDEN]
  252. }));
  253. return;
  254. }
  255. if (req.headers.origin) {
  256. headers['Access-Control-Allow-Credentials'] = 'true';
  257. headers['Access-Control-Allow-Origin'] = req.headers.origin;
  258. } else {
  259. headers['Access-Control-Allow-Origin'] = '*';
  260. }
  261. if (res !== undefined) {
  262. res.writeHead(400, headers);
  263. res.end(JSON.stringify({
  264. code: code,
  265. message: Server.errorMessages[code]
  266. }));
  267. }
  268. }
  270. /**
  271. * generate a socket id.
  272. * Overwrite this method to generate your custom socket id
  273. *
  274. * @param {Object} request object
  275. * @api public
  276. */
  278. Server.prototype.generateId = function (req) {
  279. return base64id.generateId();
  280. };
  282. /**
  283. * Handshakes a new client.
  284. *
  285. * @param {String} transport name
  286. * @param {Object} request object
  287. * @api private
  288. */
  290. Server.prototype.handshake = function (transportName, req) {
  291. var id = this.generateId(req);
  293. debug('handshaking client "%s"', id);
  295. try {
  296. var transport = new transports[transportName](req);
  297. if ('polling' === transportName) {
  298. transport.maxHttpBufferSize = this.maxHttpBufferSize;
  299. transport.httpCompression = this.httpCompression;
  300. } else if ('websocket' === transportName) {
  301. transport.perMessageDeflate = this.perMessageDeflate;
  302. }
  304. if (req._query && req._query.b64) {
  305. transport.supportsBinary = false;
  306. } else {
  307. transport.supportsBinary = true;
  308. }
  309. } catch (e) {
  310. debug('error handshaking to transport "%s"', transportName);
  311. sendErrorMessage(req, req.res, Server.errors.BAD_REQUEST);
  312. return;
  313. }
  314. var socket = new Socket(id, this, transport, req);
  315. var self = this;
  317. if (false !== this.cookie) {
  318. transport.on('headers', function (headers) {
  319. headers['Set-Cookie'] = cookieMod.serialize(self.cookie, id,
  320. {
  321. path: self.cookiePath,
  322. httpOnly: self.cookiePath ? self.cookieHttpOnly : false,
  323. sameSite: true
  324. });
  325. });
  326. }
  328. transport.onRequest(req);
  330. this.clients[id] = socket;
  331. this.clientsCount++;
  333. socket.once('close', function () {
  334. delete self.clients[id];
  335. self.clientsCount--;
  336. });
  338. this.emit('connection', socket);
  339. };
  341. /**
  342. * Handles an Engine.IO HTTP Upgrade.
  343. *
  344. * @api public
  345. */
  347. Server.prototype.handleUpgrade = function (req, socket, upgradeHead) {
  348. this.prepare(req);
  350. var self = this;
  351. this.verify(req, true, function (err, success) {
  352. if (!success) {
  353. abortConnection(socket, err);
  354. return;
  355. }
  357. var head = Buffer.from(upgradeHead); // eslint-disable-line node/no-deprecated-api
  358. upgradeHead = null;
  360. // delegate to ws
  361. self.ws.handleUpgrade(req, socket, head, function (conn) {
  362. self.onWebSocket(req, conn);
  363. });
  364. });
  365. };
  367. /**
  368. * Called upon a ws.io connection.
  369. *
  370. * @param {ws.Socket} websocket
  371. * @api private
  372. */
  374. Server.prototype.onWebSocket = function (req, socket) {
  375. socket.on('error', onUpgradeError);
  377. if (transports[req._query.transport] !== undefined && !transports[req._query.transport].prototype.handlesUpgrades) {
  378. debug('transport doesnt handle upgraded requests');
  379. socket.close();
  380. return;
  381. }
  383. // get client id
  384. var id = req._query.sid;
  386. // keep a reference to the ws.Socket
  387. req.websocket = socket;
  389. if (id) {
  390. var client = this.clients[id];
  391. if (!client) {
  392. debug('upgrade attempt for closed client');
  393. socket.close();
  394. } else if (client.upgrading) {
  395. debug('transport has already been trying to upgrade');
  396. socket.close();
  397. } else if (client.upgraded) {
  398. debug('transport had already been upgraded');
  399. socket.close();
  400. } else {
  401. debug('upgrading existing transport');
  403. // transport error handling takes over
  404. socket.removeListener('error', onUpgradeError);
  406. var transport = new transports[req._query.transport](req);
  407. if (req._query && req._query.b64) {
  408. transport.supportsBinary = false;
  409. } else {
  410. transport.supportsBinary = true;
  411. }
  412. transport.perMessageDeflate = this.perMessageDeflate;
  413. client.maybeUpgrade(transport);
  414. }
  415. } else {
  416. // transport error handling takes over
  417. socket.removeListener('error', onUpgradeError);
  419. this.handshake(req._query.transport, req);
  420. }
  422. function onUpgradeError () {
  423. debug('websocket error before upgrade');
  424. // socket.close() not needed
  425. }
  426. };
  428. /**
  429. * Captures upgrade requests for a http.Server.
  430. *
  431. * @param {http.Server} server
  432. * @param {Object} options
  433. * @api public
  434. */
  436. Server.prototype.attach = function (server, options) {
  437. var self = this;
  438. options = options || {};
  439. var path = (options.path || '/engine.io').replace(/\/$/, '');
  441. var destroyUpgradeTimeout = options.destroyUpgradeTimeout || 1000;
  443. // normalize path
  444. path += '/';
  446. function check (req) {
  447. if ('OPTIONS' === req.method && false === options.handlePreflightRequest) {
  448. return false;
  449. }
  450. return path === req.url.substr(0, path.length);
  451. }
  453. // cache and clean up listeners
  454. var listeners = server.listeners('request').slice(0);
  455. server.removeAllListeners('request');
  456. server.on('close', self.close.bind(self));
  457. server.on('listening', self.init.bind(self));
  459. // add request handler
  460. server.on('request', function (req, res) {
  461. if (check(req)) {
  462. debug('intercepting request for path "%s"', path);
  463. if ('OPTIONS' === req.method && 'function' === typeof options.handlePreflightRequest) {
  464. options.handlePreflightRequest.call(server, req, res);
  465. } else {
  466. self.handleRequest(req, res);
  467. }
  468. } else {
  469. for (var i = 0, l = listeners.length; i < l; i++) {
  470. listeners[i].call(server, req, res);
  471. }
  472. }
  473. });
  475. if (~self.transports.indexOf('websocket')) {
  476. server.on('upgrade', function (req, socket, head) {
  477. if (check(req)) {
  478. self.handleUpgrade(req, socket, head);
  479. } else if (false !== options.destroyUpgrade) {
  480. // default node behavior is to disconnect when no handlers
  481. // but by adding a handler, we prevent that
  482. // and if no eio thing handles the upgrade
  483. // then the socket needs to die!
  484. setTimeout(function () {
  485. if (socket.writable && socket.bytesWritten <= 0) {
  486. return socket.end();
  487. }
  488. }, destroyUpgradeTimeout);
  489. }
  490. });
  491. }
  492. };
  494. /**
  495. * Closes the connection
  496. *
  497. * @param {net.Socket} socket
  498. * @param {code} error code
  499. * @api private
  500. */
  502. function abortConnection (socket, code) {
  503. socket.on('error', () => {
  504. debug('ignoring error from closed connection');
  505. });
  506. if (socket.writable) {
  507. var message = Server.errorMessages.hasOwnProperty(code) ? Server.errorMessages[code] : String(code || '');
  508. var length = Buffer.byteLength(message);
  509. socket.write(
  510. 'HTTP/1.1 400 Bad Request\r\n' +
  511. 'Connection: close\r\n' +
  512. 'Content-type: text/html\r\n' +
  513. 'Content-Length: ' + length + '\r\n' +
  514. '\r\n' +
  515. message
  516. );
  517. }
  518. socket.destroy();
  519. }
  521. /* eslint-disable */
  523. /**
  524. * From https://github.com/nodejs/node/blob/v8.4.0/lib/_http_common.js#L303-L354
  525. *
  526. * True if val contains an invalid field-vchar
  527. * field-value = *( field-content / obs-fold )
  528. * field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ]
  529. * field-vchar = VCHAR / obs-text
  530. *
  531. * checkInvalidHeaderChar() is currently designed to be inlinable by v8,
  532. * so take care when making changes to the implementation so that the source
  533. * code size does not exceed v8's default max_inlined_source_size setting.
  534. **/
  535. var validHdrChars = [
  536. 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, // 0 - 15
  537. 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 16 - 31
  538. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 32 - 47
  539. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 48 - 63
  540. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 64 - 79
  541. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 80 - 95
  542. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 96 - 111
  543. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, // 112 - 127
  544. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 128 ...
  545. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  546. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  547. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  548. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  549. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  550. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  551. 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 // ... 255
  552. ];
  554. function checkInvalidHeaderChar(val) {
  555. val += '';
  556. if (val.length < 1)
  557. return false;
  558. if (!validHdrChars[val.charCodeAt(0)]) {
  559. debug('invalid header, index 0, char "%s"', val.charCodeAt(0));
  560. return true;
  561. }
  562. if (val.length < 2)
  563. return false;
  564. if (!validHdrChars[val.charCodeAt(1)]) {
  565. debug('invalid header, index 1, char "%s"', val.charCodeAt(1));
  566. return true;
  567. }
  568. if (val.length < 3)
  569. return false;
  570. if (!validHdrChars[val.charCodeAt(2)]) {
  571. debug('invalid header, index 2, char "%s"', val.charCodeAt(2));
  572. return true;
  573. }
  574. if (val.length < 4)
  575. return false;
  576. if (!validHdrChars[val.charCodeAt(3)]) {
  577. debug('invalid header, index 3, char "%s"', val.charCodeAt(3));
  578. return true;
  579. }
  580. for (var i = 4; i < val.length; ++i) {
  581. if (!validHdrChars[val.charCodeAt(i)]) {
  582. debug('invalid header, index "%i", char "%s"', i, val.charCodeAt(i));
  583. return true;
  584. }
  585. }
  586. return false;
  587. }