Make sure to only write to open transports (thanks JohnDav)

lib/socket.io/client.js

@@ -63,8 +63,11 @@ Client.prototype._onConnect = function(req, res){
   this.connection = req.connection;
   
   this.connection.addListener('end', function(){
+    if (self.connection){
+      self.connection.end();
+      self.connection.destroy();
+    }
     self._onClose();
-    self.connection.end();
   });
   
   if (req){
@@ -121,20 +124,25 @@ Client.prototype._onHeartbeat = function(h){
   }
 };
 
-Client.prototype._onClose = function(){
+Client.prototype._onClose = function(skipDisconnect){
   if (this._open){
     var self = this;
     if ('_heartbeatInterval' in this) clearTimeout(this._heartbeatInterval);
     if ('_heartbeatTimeout' in this) clearTimeout(this._heartbeatTimeout);
     this._open = false;
-    this._disconnectTimeout = setTimeout(function(){
-      self._onDisconnect();
-    }, this.options.closeTimeout);
+    if (skipDisconnect !== false){
+      if (this.handshaked)
+        this._disconnectTimeout = setTimeout(function(){
+          self._onDisconnect();
+        }, this.options.closeTimeout);
+      else
+        this._onDisconnect();
+    }
   }
 };
 
 Client.prototype._onDisconnect = function(){
-  if (this._open) this._onClose();
+  if (this._open) this._onClose(true);
   if (this._disconnectTimeout) clearTimeout(this._disconnectTimeout);
   if (this.connected){
     this._writeQueue = [];

lib/socket.io/transports/htmlfile.js

@@ -41,5 +41,6 @@ HTMLFile.prototype._onConnect = function(req, res){
 };
   
 HTMLFile.prototype._write = function(message){
-  this.response.write('<script>parent.s._('+ JSON.stringify(message) +', document);</script>'); //json for escaping
+  if (this._open)
+    this.response.write('<script>parent.s._('+ JSON.stringify(message) +', document);</script>'); //json for escaping
 };

lib/socket.io/transports/jsonp-polling.js

@@ -20,13 +20,15 @@ JSONPPolling.prototype._onConnect = function(req, res){
 };
   
 JSONPPolling.prototype._write = function(message){
-  if (this.request.headers.origin && !this._verifyOrigin(this.request.headers.origin)){
-    message = "alert('Cross domain security restrictions not met');";
-  } else {
-    message = "io.JSONP["+ this._index +"]._("+ JSON.stringify(message) +");";
+  if (this._open){
+    if (this.request.headers.origin && !this._verifyOrigin(this.request.headers.origin)){
+      message = "alert('Cross domain security restrictions not met');";
+    } else {
+      message = "io.JSONP["+ this._index +"]._("+ JSON.stringify(message) +");";
+    }
+    this.response.writeHead(200, {'Content-Type': 'text/javascript; charset=UTF-8', 'Content-Length': Buffer.byteLength(message)});
+    this.response.write(message);
+    this.response.end();
+    this._onClose();
   }
-  this.response.writeHead(200, {'Content-Type': 'text/javascript; charset=UTF-8', 'Content-Length': Buffer.byteLength(message)});
-  this.response.write(message);
-  this.response.end();
-  this._onClose();
 };

lib/socket.io/transports/websocket.js

@@ -19,6 +19,7 @@ WebSocket.prototype._onConnect = function(req, socket){
   
   if (this.request.headers.upgrade !== 'WebSocket' || !this._verifyOrigin(this.request.headers.origin)){
     this.listener.options.log('WebSocket connection invalid or Origin not verified');
+    this.connection.end();
     this.connection.destroy();
     return false;
   }
@@ -55,7 +56,8 @@ WebSocket.prototype._onConnect = function(req, socket){
     try {
       this.connection.write(headers.concat('', '').join('\r\n'));
     } catch(e){
-      this._onClose();
+      this.connection.end();
+      this.connection.destroy();
     }
   }
   
@@ -75,8 +77,12 @@ WebSocket.prototype._handle = function(data){
     chunk = chunks[i];
     if (chunk[0] !== '\u0000'){
       this.listener.options.log('Data incorrectly framed by UA. Dropping connection');
-      this.connection.end();
-      this.connection.destroy();
+      if (this._open){
+        this._onClose();
+      } else {
+        this.connection.end();
+        this.connection.destroy();
+      }
       return false;
     }
     this._onMessage(chunk.slice(1));
@@ -86,8 +92,9 @@ WebSocket.prototype._handle = function(data){
 
 // http://www.whatwg.org/specs/web-apps/current-work/complete/network.html#opening-handshake
 WebSocket.prototype._proveReception = function(headers){
-  var k1 = this.request.headers['sec-websocket-key1'],
-      k2 = this.request.headers['sec-websocket-key2'];
+  var self = this
+    , k1 = this.request.headers['sec-websocket-key1']
+    , k2 = this.request.headers['sec-websocket-key2'];
   
   if (k1 && k2){
     var md5 = crypto.createHash('md5');
@@ -97,11 +104,9 @@ WebSocket.prototype._proveReception = function(headers){
           spaces = k.replace(/[^ ]/g, '').length;
           
       if (spaces === 0 || n % spaces !== 0){
-        if (this.listener && this.listener.options){
-          this.listener.options.log('Invalid WebSocket key: "' + k + '". Dropping connection');
-        }
-        this.connection.end();
-        this.connection.destroy();
+        self.listener.options.log('Invalid WebSocket key: "' + k + '". Dropping connection');
+        self.connection.end();
+        self.connection.destroy();
         return false;
       }
 
@@ -119,7 +124,8 @@ WebSocket.prototype._proveReception = function(headers){
     try {
       this.connection.write(headers.concat('', '').join('\r\n') + md5.digest('binary'), 'binary');
     } catch(e){
-      this._onClose();
+      this.connection.end();
+      this.connection.destroy();
     }
   }
   

lib/socket.io/transports/xhr-multipart.js

@@ -56,8 +56,9 @@ Multipart.prototype._onConnect = function(req, res){
 };
   
 Multipart.prototype._write = function(message){
-  this.response.write("Content-Type: text/plain" + (message.length === 1 && message.charCodeAt(0) === 6 ? "; charset=us-ascii" : "") + "\n\n");
-  this.response.write(message + "\n");
-  this.response.write("--socketio\n");
-  if ('flush' in this.response) this.response.flush();
+  if (this._open){
+    this.response.write("Content-Type: text/plain" + (message.length === 1 && message.charCodeAt(0) === 6 ? "; charset=us-ascii" : "") + "\n\n");
+    this.response.write(message + "\n");
+    this.response.write("--socketio\n");
+  }
 };

lib/socket.io/transports/xhr-polling.js

@@ -62,14 +62,16 @@ Polling.prototype._onClose = function(){
 };
   
 Polling.prototype._write = function(message){
-  var headers = {'Content-Type': 'text/plain; charset=UTF-8', 'Content-Length': Buffer.byteLength(message)};
-  // https://developer.mozilla.org/En/HTTP_Access_Control
-  if (this.request.headers.origin && this._verifyOrigin(this.request.headers.origin)){
-    headers['Access-Control-Allow-Origin'] = this.request.headers.origin;
-    if (this.request.headers.cookie) headers['Access-Control-Allow-Credentials'] = 'true';
+  if (this._open){
+    var headers = {'Content-Type': 'text/plain; charset=UTF-8', 'Content-Length': Buffer.byteLength(message)};
+    // https://developer.mozilla.org/En/HTTP_Access_Control
+    if (this.request.headers.origin && this._verifyOrigin(this.request.headers.origin)){
+      headers['Access-Control-Allow-Origin'] = this.request.headers.origin;
+      if (this.request.headers.cookie) headers['Access-Control-Allow-Credentials'] = 'true';
+    }
+    this.response.writeHead(200, headers);
+    this.response.write(message);
+    this.response.end();
+    this._onClose();
   }
-  this.response.writeHead(200, headers);
-  this.response.write(message);
-  this.response.end();
-  this._onClose();
 };

package.json

@@ -1,6 +1,6 @@
 { "name" : "socket.io"
 , "description" : "The cross-browser WebSocket"
-, "version" : "0.6"
+, "version" : "0.6.0"
 , "author" : "LearnBoost"
 , "licenses" :
   [ { "type" : "MIT"