github/socket.io
1
1
Fork 0
mirror of https://github.com/socketio/socket.io.git synced 2026-01-09 15:08:12 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix(eio): prevent the client from upgrading twice (uws)

Browse Source 
Related: https://github.com/socketio/socket.io/issues/5066
This commit is contained in:
Damien Arrachequesne
2024-09-19 12:05:38 +02:00
parent da613810fd
commit d5095fe98c
2 changed files with 23 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
packages/engine.io/lib/userver.ts
View File

@@ -185,13 +185,13 @@ export class uServer extends BaseServer {
const client = this.clients[id];
if (!client) {
debug("upgrade attempt for closed client");
res.close();
return res.close();
} else if (client.upgrading) {
debug("transport has already been trying to upgrade");
res.close();
return res.close();
} else if (client.upgraded) {
debug("transport had already been upgraded");
res.close();
return res.close();
} else {
debug("upgrading existing transport");
transport = this.createTransport(req._query.transport, req);

20
packages/engine.io/test/server.js
View File

@@ -205,6 +205,26 @@ describe("server", () => {
});
});
it("should prevent the client from upgrading twice", (done) => {
engine = listen((port) => {
const client = new ClientSocket(`ws://localhost:${port}`);
client.on("upgrade", () => {
const socket = new WebSocket(
`ws://localhost:${port}/engine.io/?EIO=4&transport=websocket&sid=${client.id}`,
);
socket.on("error", () => {});
socket.on("close", () => {
client.close();
done();
});
});
});
});
it("should disallow `__proto__` as transport (polling)", (done) => {
const partialDone = createPartialDone(done, 2);