From ca34a894331c37bf71a43e0f0732df1cac01746d Mon Sep 17 00:00:00 2001 From: Volodymyr Melnychuk Date: Thu, 13 Jun 2019 22:20:20 +0300 Subject: [PATCH] gen oid instead of hardcoded Sec-WebSocket-Key (#2) * gen oid instead of hardcoded Sec-WebSocket-Key * encode key, make proper lenght --- src/news.nim | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/news.nim b/src/news.nim index 83c80df..90f8b39 100644 --- a/src/news.nim +++ b/src/news.nim @@ -1,4 +1,4 @@ -import strutils, streams, random, securehash, base64, uri, strformat, nativesockets +import strutils, streams, random, securehash, base64, uri, strformat, nativesockets, oids, base64 when not declaredInScope(newsUseChronos): # Currently chronos is second class citizen. To use this library in chronos-based @@ -129,12 +129,13 @@ proc newWebSocket*(url: string): Future[WebSocket] {.async.} = ws.transp = newAsyncSocket() await ws.transp.connect(uri.hostname, port) + let secKey = encode($genOid())[16..^1] await ws.transp.send &"""GET {url} HTTP/1.1 Host: {uri.hostname}:{$port} Connection: Upgrade Upgrade: websocket Sec-WebSocket-Version: 13 -Sec-WebSocket-Key: JCSoP2Cyk0cHZkKAit5DjA== +Sec-WebSocket-Key: {secKey} Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits """