我似乎在通过我的Websocket键时获得了错误的哈希值。据我所知,插座的客户端有效,因为当我将其连接到其他服务器时,它就成功了。
index.js
const http = require('http')
const cryp=require('crypto')
const port = 8080
var ourHTML=require('fs').readFile("index.html",(err,data) => {
if(err) throw err;
ourHTML = data.toString();
});
const requestHandler = (request, response) => {
//console.log(request)
response.end(ourHTML)
}
const server = http.createServer(requestHandler)
server.on('upgrade',(req,socket)=>{
if(req.headers['upgrade'] !== 'websocket'){
socket.end('HTTP/1.1 400 Bad Request');
return;
}
const hash=getAVal(req.headers['sec-websocket-key']);
console.log(hash);
socket.write([
"HTTP/1.1 101 Web Socket Protocol Handshake",
"Upgrade: WebSocket",
"Connection: Upgrade",
`Sec-WebSocket-Accept: ${hash}`
].join('rn')+'rnrn');
//socket.end();
});
function getAVal(key){
console.log(key);
return cryp
.createHash('sha1')
.update(key+'258EAFA5-E914–47DA-95CA-C5AB0DC85B11', 'binary')
.digest('base64');
}
server.listen(port, (err) => {
if(err){
return console.log("Uhh ohh, "+err.stack,err)
}
console.log("server listening at "+port)
})
index.html
<html>
<head><title>Local Server</title></head>
<body><h1>Local Server Body</h1><p id="p">To Change</p></body>
<script>
console.log("here");
var ws=new WebSocket("ws://10.0.0.150:8080");
//var ws=new WebSocket("wss://echo.websocket.org");
setInterval(req,1000);
function req(){
ws.send("tickReq");
}
ws.addEventListener('open', () => {
ws.send("Hello");
});
ws.addEventListener('message', event => {
document.getElementById("p").innerHTML=event.data;
});
</script>
</html>
运行时的键和哈希对的示例是:
pxsrstn1cglk/jbyydufjg ==
qak te6u sv705gi lpp4ykm04y =
顶部是浏览器给出的密钥,底部是getaval函数正在返回的键,并且导致此消息不正确。
Websocket握手期间的错误:错误的" sec-websocket-peccept"标头值
在您的示例中,base64 string
"QAK+TE6u+sV705GI+LpP4yKM04Y="
解码为字节
4002BE4C4EAEFAC57BD39188F8BA4FE3228CD386
但是,字符串的正确sha1哈希
"PxsrStN1CGLK/JBYydUFjg==258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
是字节
2FEA5BE3299C27C3DD290853435C7529BBBC0F0F
和这些字节的基本64编码形式为
"L+pb4ymcJ8PdKQhTQ1x1Kbu8Dw8="
这意味着您的sha1哈希开始是错误的。
尝试无需指定encoding
调用digest()
,以便您可以获得Buffer
而不是string
,然后验证它与上面的字节匹配。
然后使用Buffer.toString("base64")
将这些字节转换为base64并验证其与上面的字符串匹配。