Merge branch 'v0.18'

src/impl/utils.cpp

@@ -128,6 +128,18 @@ std::seed_seq random_seed() {
 	return std::seed_seq(seed.begin(), seed.end());
 }
 
+bool IsHttpRequest(const byte *buffer, size_t size) {
+	// Check the buffer starts with a valid-looking HTTP method
+	for (size_t i = 0; i < size; ++i) {
+		char c = static_cast<char>(buffer[i]);
+		if (i > 0 && c == ' ')
+			break;
+		else if (i >= 8 || c < 'A' || c > 'Z')
+			return false;
+	}
+	return true;
+}
+
 size_t parseHttpLines(const byte *buffer, size_t size, std::list<string> &lines) {
 	lines.clear();
 	auto begin = reinterpret_cast<const char *>(buffer);

src/impl/utils.hpp

@@ -34,6 +34,9 @@ string base64_encode(const binary &data);
 // Return a random seed sequence
 std::seed_seq random_seed();
 
+// Check the buffer contains the beginning of an HTTP request
+bool IsHttpRequest(const byte *buffer, size_t size);
+
 // Parse an http message into lines
 size_t parseHttpLines(const byte *buffer, size_t size, std::list<string> &lines);
 

src/impl/wshandshake.cpp

@@ -131,6 +131,9 @@ string WsHandshake::generateHttpError(int responseCode) {
 }
 
 size_t WsHandshake::parseHttpRequest(const byte *buffer, size_t size) {
+	if (!utils::IsHttpRequest(buffer, size))
+		throw RequestError("Invalid HTTP request for WebSocket", 400);
+
 	std::unique_lock lock(mMutex);
 	std::list<string> lines;
 	size_t length = utils::parseHttpLines(buffer, size, lines);