331 lines
13 KiB
Markdown
331 lines
13 KiB
Markdown
# websocket-extensions [![Build status](https://secure.travis-ci.org/faye/websocket-extensions-node.svg)](http://travis-ci.org/faye/websocket-extensions-node)
|
|
|
|
A minimal framework that supports the implementation of WebSocket extensions in
|
|
a way that's decoupled from the main protocol. This library aims to allow a
|
|
WebSocket extension to be written and used with any protocol library, by
|
|
defining abstract representations of frames and messages that allow modules to
|
|
co-operate.
|
|
|
|
`websocket-extensions` provides a container for registering extension plugins,
|
|
and provides all the functions required to negotiate which extensions to use
|
|
during a session via the `Sec-WebSocket-Extensions` header. By implementing the
|
|
APIs defined in this document, an extension may be used by any WebSocket library
|
|
based on this framework.
|
|
|
|
## Installation
|
|
|
|
```
|
|
$ npm install websocket-extensions
|
|
```
|
|
|
|
## Usage
|
|
|
|
There are two main audiences for this library: authors implementing the
|
|
WebSocket protocol, and authors implementing extensions. End users of a
|
|
WebSocket library or an extension should be able to use any extension by passing
|
|
it as an argument to their chosen protocol library, without needing to know how
|
|
either of them work, or how the `websocket-extensions` framework operates.
|
|
|
|
The library is designed with the aim that any protocol implementation and any
|
|
extension can be used together, so long as they support the same abstract
|
|
representation of frames and messages.
|
|
|
|
### Data types
|
|
|
|
The APIs provided by the framework rely on two data types; extensions will
|
|
expect to be given data and to be able to return data in these formats:
|
|
|
|
#### *Frame*
|
|
|
|
*Frame* is a structure representing a single WebSocket frame of any type. Frames
|
|
are simple objects that must have at least the following properties, which
|
|
represent the data encoded in the frame:
|
|
|
|
| property | description |
|
|
| ------------ | ------------------------------------------------------------------ |
|
|
| `final` | `true` if the `FIN` bit is set, `false` otherwise |
|
|
| `rsv1` | `true` if the `RSV1` bit is set, `false` otherwise |
|
|
| `rsv2` | `true` if the `RSV2` bit is set, `false` otherwise |
|
|
| `rsv3` | `true` if the `RSV3` bit is set, `false` otherwise |
|
|
| `opcode` | the numeric opcode (`0`, `1`, `2`, `8`, `9`, or `10`) of the frame |
|
|
| `masked` | `true` if the `MASK` bit is set, `false` otherwise |
|
|
| `maskingKey` | a 4-byte `Buffer` if `masked` is `true`, otherwise `null` |
|
|
| `payload` | a `Buffer` containing the (unmasked) application data |
|
|
|
|
#### *Message*
|
|
|
|
A *Message* represents a complete application message, which can be formed from
|
|
text, binary and continuation frames. It has the following properties:
|
|
|
|
| property | description |
|
|
| -------- | ----------------------------------------------------------------- |
|
|
| `rsv1` | `true` if the first frame of the message has the `RSV1` bit set |
|
|
| `rsv2` | `true` if the first frame of the message has the `RSV2` bit set |
|
|
| `rsv3` | `true` if the first frame of the message has the `RSV3` bit set |
|
|
| `opcode` | the numeric opcode (`1` or `2`) of the first frame of the message |
|
|
| `data` | the concatenation of all the frame payloads in the message |
|
|
|
|
### For driver authors
|
|
|
|
A driver author is someone implementing the WebSocket protocol proper, and who
|
|
wishes end users to be able to use WebSocket extensions with their library.
|
|
|
|
At the start of a WebSocket session, on both the client and the server side,
|
|
they should begin by creating an extension container and adding whichever
|
|
extensions they want to use.
|
|
|
|
```js
|
|
var Extensions = require('websocket-extensions'),
|
|
deflate = require('permessage-deflate');
|
|
|
|
var exts = new Extensions();
|
|
exts.add(deflate);
|
|
```
|
|
|
|
In the following examples, `exts` refers to this `Extensions` instance.
|
|
|
|
#### Client sessions
|
|
|
|
Clients will use the methods `generateOffer()` and `activate(header)`.
|
|
|
|
As part of the handshake process, the client must send a
|
|
`Sec-WebSocket-Extensions` header to advertise that it supports the registered
|
|
extensions. This header should be generated using:
|
|
|
|
```js
|
|
request.headers['sec-websocket-extensions'] = exts.generateOffer();
|
|
```
|
|
|
|
This returns a string, for example `"permessage-deflate;
|
|
client_max_window_bits"`, that represents all the extensions the client is
|
|
offering to use, and their parameters. This string may contain multiple offers
|
|
for the same extension.
|
|
|
|
When the client receives the handshake response from the server, it should pass
|
|
the incoming `Sec-WebSocket-Extensions` header in to `exts` to activate the
|
|
extensions the server has accepted:
|
|
|
|
```js
|
|
exts.activate(response.headers['sec-websocket-extensions']);
|
|
```
|
|
|
|
If the server has sent any extension responses that the client does not
|
|
recognize, or are in conflict with one another for use of RSV bits, or that use
|
|
invalid parameters for the named extensions, then `exts.activate()` will
|
|
`throw`. In this event, the client driver should fail the connection with
|
|
closing code `1010`.
|
|
|
|
#### Server sessions
|
|
|
|
Servers will use the method `generateResponse(header)`.
|
|
|
|
A server session needs to generate a `Sec-WebSocket-Extensions` header to send
|
|
in its handshake response:
|
|
|
|
```js
|
|
var clientOffer = request.headers['sec-websocket-extensions'],
|
|
extResponse = exts.generateResponse(clientOffer);
|
|
|
|
response.headers['sec-websocket-extensions'] = extResponse;
|
|
```
|
|
|
|
Calling `exts.generateResponse(header)` activates those extensions the client
|
|
has asked to use, if they are registered, asks each extension for a set of
|
|
response parameters, and returns a string containing the response parameters for
|
|
all accepted extensions.
|
|
|
|
#### In both directions
|
|
|
|
Both clients and servers will use the methods `validFrameRsv(frame)`,
|
|
`processIncomingMessage(message)` and `processOutgoingMessage(message)`.
|
|
|
|
The WebSocket protocol requires that frames do not have any of the `RSV` bits
|
|
set unless there is an extension in use that allows otherwise. When processing
|
|
an incoming frame, sessions should pass a *Frame* object to:
|
|
|
|
```js
|
|
exts.validFrameRsv(frame)
|
|
```
|
|
|
|
If this method returns `false`, the session should fail the WebSocket connection
|
|
with closing code `1002`.
|
|
|
|
To pass incoming messages through the extension stack, a session should
|
|
construct a *Message* object according to the above datatype definitions, and
|
|
call:
|
|
|
|
```js
|
|
exts.processIncomingMessage(message, function(error, msg) {
|
|
// hand the message off to the application
|
|
});
|
|
```
|
|
|
|
If any extensions fail to process the message, then the callback will yield an
|
|
error and the session should fail the WebSocket connection with closing code
|
|
`1010`. If `error` is `null`, then `msg` should be passed on to the application.
|
|
|
|
To pass outgoing messages through the extension stack, a session should
|
|
construct a *Message* as before, and call:
|
|
|
|
```js
|
|
exts.processOutgoingMessage(message, function(error, msg) {
|
|
// write message to the transport
|
|
});
|
|
```
|
|
|
|
If any extensions fail to process the message, then the callback will yield an
|
|
error and the session should fail the WebSocket connection with closing code
|
|
`1010`. If `error` is `null`, then `message` should be converted into frames
|
|
(with the message's `rsv1`, `rsv2`, `rsv3` and `opcode` set on the first frame)
|
|
and written to the transport.
|
|
|
|
At the end of the WebSocket session (either when the protocol is explicitly
|
|
ended or the transport connection disconnects), the driver should call:
|
|
|
|
```js
|
|
exts.close(function() {})
|
|
```
|
|
|
|
The callback is invoked when all extensions have finished processing any
|
|
messages in the pipeline and it's safe to close the socket.
|
|
|
|
### For extension authors
|
|
|
|
An extension author is someone implementing an extension that transforms
|
|
WebSocket messages passing between the client and server. They would like to
|
|
implement their extension once and have it work with any protocol library.
|
|
|
|
Extension authors will not install `websocket-extensions` or call it directly.
|
|
Instead, they should implement the following API to allow their extension to
|
|
plug into the `websocket-extensions` framework.
|
|
|
|
An `Extension` is any object that has the following properties:
|
|
|
|
| property | description |
|
|
| -------- | ---------------------------------------------------------------------------- |
|
|
| `name` | a string containing the name of the extension as used in negotiation headers |
|
|
| `type` | a string, must be `"permessage"` |
|
|
| `rsv1` | either `true` if the extension uses the RSV1 bit, `false` otherwise |
|
|
| `rsv2` | either `true` if the extension uses the RSV2 bit, `false` otherwise |
|
|
| `rsv3` | either `true` if the extension uses the RSV3 bit, `false` otherwise |
|
|
|
|
It must also implement the following methods:
|
|
|
|
```js
|
|
ext.createClientSession()
|
|
```
|
|
|
|
This returns a *ClientSession*, whose interface is defined below.
|
|
|
|
```js
|
|
ext.createServerSession(offers)
|
|
```
|
|
|
|
This takes an array of offer params and returns a *ServerSession*, whose
|
|
interface is defined below. For example, if the client handshake contains the
|
|
offer header:
|
|
|
|
```
|
|
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; server_max_window_bits=8, \
|
|
permessage-deflate; server_max_window_bits=15
|
|
```
|
|
|
|
then the `permessage-deflate` extension will receive the call:
|
|
|
|
```js
|
|
ext.createServerSession([
|
|
{ server_no_context_takeover: true, server_max_window_bits: 8 },
|
|
{ server_max_window_bits: 15 }
|
|
]);
|
|
```
|
|
|
|
The extension must decide which set of parameters it wants to accept, if any,
|
|
and return a *ServerSession* if it wants to accept the parameters and `null`
|
|
otherwise.
|
|
|
|
#### *ClientSession*
|
|
|
|
A *ClientSession* is the type returned by `ext.createClientSession()`. It must
|
|
implement the following methods, as well as the *Session* API listed below.
|
|
|
|
```js
|
|
clientSession.generateOffer()
|
|
// e.g. -> [
|
|
// { server_no_context_takeover: true, server_max_window_bits: 8 },
|
|
// { server_max_window_bits: 15 }
|
|
// ]
|
|
```
|
|
|
|
This must return a set of parameters to include in the client's
|
|
`Sec-WebSocket-Extensions` offer header. If the session wants to offer multiple
|
|
configurations, it can return an array of sets of parameters as shown above.
|
|
|
|
```js
|
|
clientSession.activate(params) // -> true
|
|
```
|
|
|
|
This must take a single set of parameters from the server's handshake response
|
|
and use them to configure the client session. If the client accepts the given
|
|
parameters, then this method must return `true`. If it returns any other value,
|
|
the framework will interpret this as the client rejecting the response, and will
|
|
`throw`.
|
|
|
|
#### *ServerSession*
|
|
|
|
A *ServerSession* is the type returned by `ext.createServerSession(offers)`. It
|
|
must implement the following methods, as well as the *Session* API listed below.
|
|
|
|
```js
|
|
serverSession.generateResponse()
|
|
// e.g. -> { server_max_window_bits: 8 }
|
|
```
|
|
|
|
This returns the set of parameters the server session wants to send in its
|
|
`Sec-WebSocket-Extensions` response header. Only one set of parameters is
|
|
returned to the client per extension. Server sessions that would confict on
|
|
their use of RSV bits are not activated.
|
|
|
|
#### *Session*
|
|
|
|
The *Session* API must be implemented by both client and server sessions. It
|
|
contains two methods, `processIncomingMessage(message)` and
|
|
`processOutgoingMessage(message)`.
|
|
|
|
```js
|
|
session.processIncomingMessage(message, function(error, msg) { ... })
|
|
```
|
|
|
|
The session must implement this method to take an incoming *Message* as defined
|
|
above, transform it in any way it needs, then return it via the callback. If
|
|
there is an error processing the message, this method should yield an error as
|
|
the first argument.
|
|
|
|
```js
|
|
session.processOutgoingMessage(message, function(error, msg) { ... })
|
|
```
|
|
|
|
The session must implement this method to take an outgoing *Message* as defined
|
|
above, transform it in any way it needs, then return it via the callback. If
|
|
there is an error processing the message, this method should yield an error as
|
|
the first argument.
|
|
|
|
Note that both `processIncomingMessage()` and `processOutgoingMessage()` can
|
|
perform their logic asynchronously, are allowed to process multiple messages
|
|
concurrently, and are not required to complete working on messages in the same
|
|
order the messages arrive. `websocket-extensions` will reorder messages as your
|
|
extension emits them and will make sure every extension is given messages in the
|
|
order they arrive from the driver. This allows extensions to maintain state that
|
|
depends on the messages' wire order, for example keeping a DEFLATE compression
|
|
context between messages.
|
|
|
|
```js
|
|
session.close()
|
|
```
|
|
|
|
The framework will call this method when the WebSocket session ends, allowing
|
|
the session to release any resources it's using.
|
|
|
|
## Examples
|
|
|
|
- Consumer: [websocket-driver](https://github.com/faye/websocket-driver-node)
|
|
- Provider: [permessage-deflate](https://github.com/faye/permessage-deflate-node)
|