never allow unmasked client websocket package

kerryjiang · Aug 8, 2024 · 14ced0f · 14ced0f
1 parent 91433fc
commit 14ced0f
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 4 deletions.
diff --git a/src/SuperSocket.WebSocket/WebSocketDataPipelineFilter.cs b/src/SuperSocket.WebSocket/WebSocketDataPipelineFilter.cs
@@ -7,7 +7,9 @@ namespace SuperSocket.WebSocket
 {
     public class WebSocketDataPipelineFilter : PackagePartsPipelineFilter<WebSocketPackage>
     {
-        private HttpHeader _httpHeader;
+        private readonly HttpHeader _httpHeader;
+
+        private readonly bool _requireMask = true;
 
         /// <summary>
         /// -1: default value
@@ -16,9 +18,10 @@ public class WebSocketDataPipelineFilter : PackagePartsPipelineFilter<WebSocketP
         /// </summary>
         private long _consumed = -1;
 
-        public WebSocketDataPipelineFilter(HttpHeader httpHeader)
+        public WebSocketDataPipelineFilter(HttpHeader httpHeader, bool requireMask = true)
         {
             _httpHeader = httpHeader;
+            _requireMask = requireMask;
         }
 
         protected override WebSocketPackage CreatePackage()
@@ -72,6 +75,11 @@ protected override void OnPartReaderSwitched(IPackagePartReader<WebSocketPackage
         {
             if (currentPartReader is FixPartReader)
             {
+                if (_requireMask && !CurrentPackage.HasMask)
+                {
+                    throw new ProtocolException("Mask is required for this websocket package.");
+                }
+
                 // not final fragment or is the last fragment of multiple fragments message
                 // _consumed = 0 means we are ready to preserve the bytes
                 if (!CurrentPackage.FIN || CurrentPackage.Head != null)

diff --git a/src/SuperSocket.WebSocket/WebSocketPipelineFilter.cs b/src/SuperSocket.WebSocket/WebSocketPipelineFilter.cs
@@ -17,7 +17,18 @@ public class WebSocketPipelineFilter : IPipelineFilter<WebSocketPackage>
         private static readonly char _COLON = ':';
 
         private static readonly ReadOnlyMemory<byte> _headerTerminator = new byte[] { (byte)'\r', (byte)'\n', (byte)'\r', (byte)'\n' };
-
+
+        private readonly bool _requireMask = true;
+
+        public WebSocketPipelineFilter()
+        { 
+        }
+
+        public WebSocketPipelineFilter(bool requireMask)
+        {
+            _requireMask = requireMask;
+        }
+
         public IPackageDecoder<WebSocketPackage> Decoder { get; set; }
 
         public IPipelineFilter<WebSocketPackage> NextFilter { get; internal set; }
@@ -33,7 +44,7 @@ public WebSocketPackage Filter(ref SequenceReader<byte> reader)
 
             var package = ParseHandshake(ref pack);
 
-            NextFilter = new WebSocketDataPipelineFilter(package.HttpHeader);
+            NextFilter = new WebSocketDataPipelineFilter(package.HttpHeader, _requireMask);
 
             return package;
         }