robin/live-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

test

Browse Source
This commit is contained in:
Robin Grenzdörfer
2023-12-05 17:03:01 +00:00
parent aec42feb5e
commit ea9944383f
1246 changed files with 125706 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

142
node_modules/websocket-driver/CHANGELOG.md generated vendored Normal file
View File

@@ -0,0 +1,142 @@
### 0.7.4 / 2020-05-22
- Avoid crashing if `process.version` does not contain any digits
- Emit `ping` and `pong` events from the `Server` driver
- Require http-parser-js >=0.5.1 which fixes the bug we addressed in 0.7.3
### 0.7.3 / 2019-06-13
- Cap version of http-parser-js below 0.4.11, which introduced a bug that
prevents us from handling messages that are part of the same input buffer as
the handshake response if chunked encoding is specified
### 0.7.2 / 2019-06-13
(This version was pulled due to an error when publishing)
### 0.7.1 / 2019-06-10
- Catch any exceptions produced while generating a handshake response and send a
`400 Bad Request` response to the client
- Pick the RFC-6455 protocol version if the request contains any of the headers
used by that version
- Use the `Buffer.alloc()` and `Buffer.from()` functions instead of the unsafe
`Buffer()` constructor
- Handle errors encountered while handling malformed draft-76 requests
- Change license from MIT to Apache 2.0
### 0.7.0 / 2017-09-11
- Add `ping` and `pong` to the set of events users can listen to
- Replace the bindings to Node's HTTP parser with `http-parser-js`
### 0.6.5 / 2016-05-20
- Don't mutate buffers passed in by the application when masking
### 0.6.4 / 2016-01-07
- If a number is given as input for a frame payload, send it as a string
### 0.6.3 / 2015-11-06
- Reject draft-76 handshakes if their Sec-WebSocket-Key headers are invalid
- Throw a more helpful error if a client is created with an invalid URL
### 0.6.2 / 2015-07-18
- When the peer sends a close frame with no error code, emit 1000
### 0.6.1 / 2015-07-13
- Use the `buffer.{read,write}UInt{16,32}BE` methods for reading/writing numbers
to buffers rather than including duplicate logic for this
### 0.6.0 / 2015-07-08
- Allow the parser to recover cleanly if event listeners raise an error
- Add a `pong` method for sending unsolicited pong frames
### 0.5.4 / 2015-03-29
- Don't emit extra close frames if we receive a close frame after we already
sent one
- Fail the connection when the driver receives an invalid
`Sec-WebSocket-Extensions` header
### 0.5.3 / 2015-02-22
- Don't treat incoming data as WebSocket frames if a client driver is closed
before receiving the server handshake
### 0.5.2 / 2015-02-19
- Fix compatibility with the HTTP parser on io.js
- Use `websocket-extensions` to make sure messages and close frames are kept in
order
- Don't emit multiple `error` events
### 0.5.1 / 2014-12-18
- Don't allow drivers to be created with unrecognized options
### 0.5.0 / 2014-12-13
- Support protocol extensions via the websocket-extensions module
### 0.4.0 / 2014-11-08
- Support connection via HTTP proxies using `CONNECT`
### 0.3.6 / 2014-10-04
- It is now possible to call `close()` before `start()` and close the driver
### 0.3.5 / 2014-07-06
- Don't hold references to frame buffers after a message has been emitted
- Make sure that `protocol` and `version` are exposed properly by the TCP driver
### 0.3.4 / 2014-05-08
- Don't hold memory-leaking references to I/O buffers after they have been
parsed
### 0.3.3 / 2014-04-24
- Correct the draft-76 status line reason phrase
### 0.3.2 / 2013-12-29
- Expand `maxLength` to cover sequences of continuation frames and
`draft-{75,76}`
- Decrease default maximum frame buffer size to 64MB
- Stop parsing when the protocol enters a failure mode, to save CPU cycles
### 0.3.1 / 2013-12-03
- Add a `maxLength` option to limit allowed frame size
- Don't pre-allocate a message buffer until the whole frame has arrived
- Fix compatibility with Node v0.11 `HTTPParser`
### 0.3.0 / 2013-09-09
- Support client URLs with Basic Auth credentials
### 0.2.2 / 2013-07-05
- No functional changes, just updates to package.json
### 0.2.1 / 2013-05-17
- Export the isSecureRequest() method since faye-websocket relies on it
- Queue sent messages in the client's initial state
### 0.2.0 / 2013-05-12
- Add API for setting and reading headers
- Add Driver.server() method for getting a driver for TCP servers
### 0.1.0 / 2013-05-04
- First stable release

12
node_modules/websocket-driver/LICENSE.md generated vendored Normal file
View File

@@ -0,0 +1,12 @@
Copyright 2010-2020 James Coglan
Licensed under the Apache License, Version 2.0 (the "License"); you may not use
this file except in compliance with the License. You may obtain a copy of the
License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed
under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
CONDITIONS OF ANY KIND, either express or implied. See the License for the
specific language governing permissions and limitations under the License.

370
node_modules/websocket-driver/README.md generated vendored Normal file
View File

@@ -0,0 +1,370 @@
# websocket-driver [![Build Status](https://travis-ci.org/faye/websocket-driver-node.svg)](https://travis-ci.org/faye/websocket-driver-node)
This module provides a complete implementation of the WebSocket protocols that
can be hooked up to any I/O stream. It aims to simplify things by decoupling the
protocol details from the I/O layer, such that users only need to implement code
to stream data in and out of it without needing to know anything about how the
protocol actually works. Think of it as a complete WebSocket system with
pluggable I/O.
Due to this design, you get a lot of things for free. In particular, if you hook
this module up to some I/O object, it will do all of this for you:
- Select the correct server-side driver to talk to the client
- Generate and send both server- and client-side handshakes
- Recognize when the handshake phase completes and the WS protocol begins
- Negotiate subprotocol selection based on `Sec-WebSocket-Protocol`
- Negotiate and use extensions via the
[websocket-extensions](https://github.com/faye/websocket-extensions-node)
module
- Buffer sent messages until the handshake process is finished
- Deal with proxies that defer delivery of the draft-76 handshake body
- Notify you when the socket is open and closed and when messages arrive
- Recombine fragmented messages
- Dispatch text, binary, ping, pong and close frames
- Manage the socket-closing handshake process
- Automatically reply to ping frames with a matching pong
- Apply masking to messages sent by the client
This library was originally extracted from the [Faye](http://faye.jcoglan.com)
project but now aims to provide simple WebSocket support for any Node-based
project.
## Installation
```
$ npm install websocket-driver
```
## Usage
This module provides protocol drivers that have the same interface on the server
and on the client. A WebSocket driver is an object with two duplex streams
attached; one for incoming/outgoing messages and one for managing the wire
protocol over an I/O stream. The full API is described below.
### Server-side with HTTP
A Node webserver emits a special event for 'upgrade' requests, and this is where
you should handle WebSockets. You first check whether the request is a
WebSocket, and if so you can create a driver and attach the request's I/O stream
to it.
```js
var http = require('http'),
websocket = require('websocket-driver');
var server = http.createServer();
server.on('upgrade', function(request, socket, body) {
if (!websocket.isWebSocket(request)) return;
var driver = websocket.http(request);
driver.io.write(body);
socket.pipe(driver.io).pipe(socket);
driver.messages.on('data', function(message) {
console.log('Got a message', message);
});
driver.start();
});
```
Note the line `driver.io.write(body)` - you must pass the `body` buffer to the
socket driver in order to make certain versions of the protocol work.
### Server-side with TCP
You can also handle WebSocket connections in a bare TCP server, if you're not
using an HTTP server and don't want to implement HTTP parsing yourself.
The driver will emit a `connect` event when a request is received, and at this
point you can detect whether it's a WebSocket and handle it as such. Here's an
example using the Node `net` module:
```js
var net = require('net'),
websocket = require('websocket-driver');
var server = net.createServer(function(connection) {
var driver = websocket.server();
driver.on('connect', function() {
if (websocket.isWebSocket(driver)) {
driver.start();
} else {
// handle other HTTP requests
}
});
driver.on('close', function() { connection.end() });
connection.on('error', function() {});
connection.pipe(driver.io).pipe(connection);
driver.messages.pipe(driver.messages);
});
server.listen(4180);
```
In the `connect` event, the driver gains several properties to describe the
request, similar to a Node request object, such as `method`, `url` and
`headers`. However you should remember it's not a real request object; you
cannot write data to it, it only tells you what request data we parsed from the
input.
If the request has a body, it will be in the `driver.body` buffer, but only as
much of the body as has been piped into the driver when the `connect` event
fires.
### Client-side
Similarly, to implement a WebSocket client you just need to make a driver by
passing in a URL. After this you use the driver API as described below to
process incoming data and send outgoing data.
```js
var net = require('net'),
websocket = require('websocket-driver');
var driver = websocket.client('ws://www.example.com/socket'),
tcp = net.connect(80, 'www.example.com');
tcp.pipe(driver.io).pipe(tcp);
tcp.on('connect', function() {
driver.start();
});
driver.messages.on('data', function(message) {
console.log('Got a message', message);
});
```
Client drivers have two additional properties for reading the HTTP data that was
sent back by the server:
- `driver.statusCode` - the integer value of the HTTP status code
- `driver.headers` - an object containing the response headers
### HTTP Proxies
The client driver supports connections via HTTP proxies using the `CONNECT`
method. Instead of sending the WebSocket handshake immediately, it will send a
`CONNECT` request, wait for a `200` response, and then proceed as normal.
To use this feature, call `driver.proxy(url)` where `url` is the origin of the
proxy, including a username and password if required. This produces a duplex
stream that you should pipe in and out of your TCP connection to the proxy
server. When the proxy emits `connect`, you can then pipe `driver.io` to your
TCP stream and call `driver.start()`.
```js
var net = require('net'),
websocket = require('websocket-driver');
var driver = websocket.client('ws://www.example.com/socket'),
proxy = driver.proxy('http://username:password@proxy.example.com'),
tcp = net.connect(80, 'proxy.example.com');
tcp.pipe(proxy).pipe(tcp, { end: false });
tcp.on('connect', function() {
proxy.start();
});
proxy.on('connect', function() {
driver.io.pipe(tcp).pipe(driver.io);
driver.start();
});
driver.messages.on('data', function(message) {
console.log('Got a message', message);
});
```
The proxy's `connect` event is also where you should perform a TLS handshake on
your TCP stream, if you are connecting to a `wss:` endpoint.
In the event that proxy connection fails, `proxy` will emit an `error`. You can
inspect the proxy's response via `proxy.statusCode` and `proxy.headers`.
```js
proxy.on('error', function(error) {
console.error(error.message);
console.log(proxy.statusCode);
console.log(proxy.headers);
});
```
Before calling `proxy.start()` you can set custom headers using
`proxy.setHeader()`:
```js
proxy.setHeader('User-Agent', 'node');
proxy.start();
```
### Driver API
Drivers are created using one of the following methods:
```js
driver = websocket.http(request, options)
driver = websocket.server(options)
driver = websocket.client(url, options)
```
The `http` method returns a driver chosen using the headers from a Node HTTP
request object. The `server` method returns a driver that will parse an HTTP
request and then decide which driver to use for it using the `http` method. The
`client` method always returns a driver for the RFC version of the protocol with
masking enabled on outgoing frames.
The `options` argument is optional, and is an object. It may contain the
following fields:
- `maxLength` - the maximum allowed size of incoming message frames, in bytes.
The default value is `2^26 - 1`, or 1 byte short of 64 MiB.
- `protocols` - an array of strings representing acceptable subprotocols for use
over the socket. The driver will negotiate one of these to use via the
`Sec-WebSocket-Protocol` header if supported by the other peer.
A driver has two duplex streams attached to it:
- **`driver.io`** - this stream should be attached to an I/O socket like a TCP
stream. Pipe incoming TCP chunks to this stream for them to be parsed, and
pipe this stream back into TCP to send outgoing frames.
- **`driver.messages`** - this stream emits messages received over the
WebSocket. Writing to it sends messages to the other peer by emitting frames
via the `driver.io` stream.
All drivers respond to the following API methods, but some of them are no-ops
depending on whether the client supports the behaviour.
Note that most of these methods are commands: if they produce data that should
be sent over the socket, they will give this to you by emitting `data` events on
the `driver.io` stream.
#### `driver.on('open', function(event) {})`
Adds a callback to execute when the socket becomes open.
#### `driver.on('message', function(event) {})`
Adds a callback to execute when a message is received. `event` will have a
`data` attribute containing either a string in the case of a text message or a
`Buffer` in the case of a binary message.
You can also listen for messages using the `driver.messages.on('data')` event,
which emits strings for text messages and buffers for binary messages.
#### `driver.on('error', function(event) {})`
Adds a callback to execute when a protocol error occurs due to the other peer
sending an invalid byte sequence. `event` will have a `message` attribute
describing the error.
#### `driver.on('close', function(event) {})`
Adds a callback to execute when the socket becomes closed. The `event` object
has `code` and `reason` attributes.
#### `driver.on('ping', function(event) {})`
Adds a callback block to execute when a ping is received. You do not need to
handle this by sending a pong frame yourself; the driver handles this for you.
#### `driver.on('pong', function(event) {})`
Adds a callback block to execute when a pong is received. If this was in
response to a ping you sent, you can also handle this event via the
`driver.ping(message, function() { ... })` callback.
#### `driver.addExtension(extension)`
Registers a protocol extension whose operation will be negotiated via the
`Sec-WebSocket-Extensions` header. `extension` is any extension compatible with
the [websocket-extensions](https://github.com/faye/websocket-extensions-node)
framework.
#### `driver.setHeader(name, value)`
Sets a custom header to be sent as part of the handshake response, either from
the server or from the client. Must be called before `start()`, since this is
when the headers are serialized and sent.
#### `driver.start()`
Initiates the protocol by sending the handshake - either the response for a
server-side driver or the request for a client-side one. This should be the
first method you invoke. Returns `true` if and only if a handshake was sent.
#### `driver.parse(string)`
Takes a string and parses it, potentially resulting in message events being
emitted (see `on('message')` above) or in data being sent to `driver.io`. You
should send all data you receive via I/O to this method by piping a stream into
`driver.io`.
#### `driver.text(string)`
Sends a text message over the socket. If the socket handshake is not yet
complete, the message will be queued until it is. Returns `true` if the message
was sent or queued, and `false` if the socket can no longer send messages.
This method is equivalent to `driver.messages.write(string)`.
#### `driver.binary(buffer)`
Takes a `Buffer` and sends it as a binary message. Will queue and return `true`
or `false` the same way as the `text` method. It will also return `false` if the
driver does not support binary messages.
This method is equivalent to `driver.messages.write(buffer)`.
#### `driver.ping(string = '', function() {})`
Sends a ping frame over the socket, queueing it if necessary. `string` and the
callback are both optional. If a callback is given, it will be invoked when the
socket receives a pong frame whose content matches `string`. Returns `false` if
frames can no longer be sent, or if the driver does not support ping/pong.
#### `driver.pong(string = '')`
Sends a pong frame over the socket, queueing it if necessary. `string` is
optional. Returns `false` if frames can no longer be sent, or if the driver does
not support ping/pong.
You don't need to call this when a ping frame is received; pings are replied to
automatically by the driver. This method is for sending unsolicited pongs.
#### `driver.close()`
Initiates the closing handshake if the socket is still open. For drivers with no
closing handshake, this will result in the immediate execution of the
`on('close')` driver. For drivers with a closing handshake, this sends a closing
frame and `emit('close')` will execute when a response is received or a protocol
error occurs.
#### `driver.version`
Returns the WebSocket version in use as a string. Will either be `hixie-75`,
`hixie-76` or `hybi-$version`.
#### `driver.protocol`
Returns a string containing the selected subprotocol, if any was agreed upon
using the `Sec-WebSocket-Protocol` mechanism. This value becomes available after
`emit('open')` has fired.

43
node_modules/websocket-driver/lib/websocket/driver.js generated vendored Normal file
View File

@@ -0,0 +1,43 @@
'use strict';
// Protocol references:
//
// * http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-75
// * http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-76
// * http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-17
var Base = require('./driver/base'),
Client = require('./driver/client'),
Server = require('./driver/server');
var Driver = {
client: function(url, options) {
options = options || {};
if (options.masking === undefined) options.masking = true;
return new Client(url, options);
},
server: function(options) {
options = options || {};
if (options.requireMasking === undefined) options.requireMasking = true;
return new Server(options);
},
http: function() {
return Server.http.apply(Server, arguments);
},
isSecureRequest: function(request) {
return Server.isSecureRequest(request);
},
isWebSocket: function(request) {
return Base.isWebSocket(request);
},
validateOptions: function(options, validKeys) {
Base.validateOptions(options, validKeys);
}
};
module.exports = Driver;

193
node_modules/websocket-driver/lib/websocket/driver/base.js generated vendored Normal file
View File

@@ -0,0 +1,193 @@
'use strict';
var Buffer = require('safe-buffer').Buffer,
Emitter = require('events').EventEmitter,
util = require('util'),
streams = require('../streams'),
Headers = require('./headers'),
Reader = require('./stream_reader');
var Base = function(request, url, options) {
Emitter.call(this);
Base.validateOptions(options || {}, ['maxLength', 'masking', 'requireMasking', 'protocols']);
this._request = request;
this._reader = new Reader();
this._options = options || {};
this._maxLength = this._options.maxLength || this.MAX_LENGTH;
this._headers = new Headers();
this.__queue = [];
this.readyState = 0;
this.url = url;
this.io = new streams.IO(this);
this.messages = new streams.Messages(this);
this._bindEventListeners();
};
util.inherits(Base, Emitter);
Base.isWebSocket = function(request) {
var connection = request.headers.connection || '',
upgrade = request.headers.upgrade || '';
return request.method === 'GET' &&
connection.toLowerCase().split(/ *, */).indexOf('upgrade') >= 0 &&
upgrade.toLowerCase() === 'websocket';
};
Base.validateOptions = function(options, validKeys) {
for (var key in options) {
if (validKeys.indexOf(key) < 0)
throw new Error('Unrecognized option: ' + key);
}
};
var instance = {
// This is 64MB, small enough for an average VPS to handle without
// crashing from process out of memory
MAX_LENGTH: 0x3ffffff,
STATES: ['connecting', 'open', 'closing', 'closed'],
_bindEventListeners: function() {
var self = this;
// Protocol errors are informational and do not have to be handled
this.messages.on('error', function() {});
this.on('message', function(event) {
var messages = self.messages;
if (messages.readable) messages.emit('data', event.data);
});
this.on('error', function(error) {
var messages = self.messages;
if (messages.readable) messages.emit('error', error);
});
this.on('close', function() {
var messages = self.messages;
if (!messages.readable) return;
messages.readable = messages.writable = false;
messages.emit('end');
});
},
getState: function() {
return this.STATES[this.readyState] || null;
},
addExtension: function(extension) {
return false;
},
setHeader: function(name, value) {
if (this.readyState > 0) return false;
this._headers.set(name, value);
return true;
},
start: function() {
if (this.readyState !== 0) return false;
if (!Base.isWebSocket(this._request))
return this._failHandshake(new Error('Not a WebSocket request'));
var response;
try {
response = this._handshakeResponse();
} catch (error) {
return this._failHandshake(error);
}
this._write(response);
if (this._stage !== -1) this._open();
return true;
},
_failHandshake: function(error) {
var headers = new Headers();
headers.set('Content-Type', 'text/plain');
headers.set('Content-Length', Buffer.byteLength(error.message, 'utf8'));
headers = ['HTTP/1.1 400 Bad Request', headers.toString(), error.message];
this._write(Buffer.from(headers.join('\r\n'), 'utf8'));
this._fail('protocol_error', error.message);
return false;
},
text: function(message) {
return this.frame(message);
},
binary: function(message) {
return false;
},
ping: function() {
return false;
},
pong: function() {
return false;
},
close: function(reason, code) {
if (this.readyState !== 1) return false;
this.readyState = 3;
this.emit('close', new Base.CloseEvent(null, null));
return true;
},
_open: function() {
this.readyState = 1;
this.__queue.forEach(function(args) { this.frame.apply(this, args) }, this);
this.__queue = [];
this.emit('open', new Base.OpenEvent());
},
_queue: function(message) {
this.__queue.push(message);
return true;
},
_write: function(chunk) {
var io = this.io;
if (io.readable) io.emit('data', chunk);
},
_fail: function(type, message) {
this.readyState = 2;
this.emit('error', new Error(message));
this.close();
}
};
for (var key in instance)
Base.prototype[key] = instance[key];
Base.ConnectEvent = function() {};
Base.OpenEvent = function() {};
Base.CloseEvent = function(code, reason) {
this.code = code;
this.reason = reason;
};
Base.MessageEvent = function(data) {
this.data = data;
};
Base.PingEvent = function(data) {
this.data = data;
};
Base.PongEvent = function(data) {
this.data = data;
};
module.exports = Base;

142
node_modules/websocket-driver/lib/websocket/driver/client.js generated vendored Normal file
View File

@@ -0,0 +1,142 @@
'use strict';
var Buffer = require('safe-buffer').Buffer,
crypto = require('crypto'),
url = require('url'),
util = require('util'),
HttpParser = require('../http_parser'),
Base = require('./base'),
Hybi = require('./hybi'),
Proxy = require('./proxy');
var Client = function(_url, options) {
this.version = 'hybi-' + Hybi.VERSION;
Hybi.call(this, null, _url, options);
this.readyState = -1;
this._key = Client.generateKey();
this._accept = Hybi.generateAccept(this._key);
this._http = new HttpParser('response');
var uri = url.parse(this.url),
auth = uri.auth && Buffer.from(uri.auth, 'utf8').toString('base64');
if (this.VALID_PROTOCOLS.indexOf(uri.protocol) < 0)
throw new Error(this.url + ' is not a valid WebSocket URL');
this._pathname = (uri.pathname || '/') + (uri.search || '');
this._headers.set('Host', uri.host);
this._headers.set('Upgrade', 'websocket');
this._headers.set('Connection', 'Upgrade');
this._headers.set('Sec-WebSocket-Key', this._key);
this._headers.set('Sec-WebSocket-Version', Hybi.VERSION);
if (this._protocols.length > 0)
this._headers.set('Sec-WebSocket-Protocol', this._protocols.join(', '));
if (auth)
this._headers.set('Authorization', 'Basic ' + auth);
};
util.inherits(Client, Hybi);
Client.generateKey = function() {
return crypto.randomBytes(16).toString('base64');
};
var instance = {
VALID_PROTOCOLS: ['ws:', 'wss:'],
proxy: function(origin, options) {
return new Proxy(this, origin, options);
},
start: function() {
if (this.readyState !== -1) return false;
this._write(this._handshakeRequest());
this.readyState = 0;
return true;
},
parse: function(chunk) {
if (this.readyState === 3) return;
if (this.readyState > 0) return Hybi.prototype.parse.call(this, chunk);
this._http.parse(chunk);
if (!this._http.isComplete()) return;
this._validateHandshake();
if (this.readyState === 3) return;
this._open();
this.parse(this._http.body);
},
_handshakeRequest: function() {
var extensions = this._extensions.generateOffer();
if (extensions)
this._headers.set('Sec-WebSocket-Extensions', extensions);
var start = 'GET ' + this._pathname + ' HTTP/1.1',
headers = [start, this._headers.toString(), ''];
return Buffer.from(headers.join('\r\n'), 'utf8');
},
_failHandshake: function(message) {
message = 'Error during WebSocket handshake: ' + message;
this.readyState = 3;
this.emit('error', new Error(message));
this.emit('close', new Base.CloseEvent(this.ERRORS.protocol_error, message));
},
_validateHandshake: function() {
this.statusCode = this._http.statusCode;
this.headers = this._http.headers;
if (this._http.error)
return this._failHandshake(this._http.error.message);
if (this._http.statusCode !== 101)
return this._failHandshake('Unexpected response code: ' + this._http.statusCode);
var headers = this._http.headers,
upgrade = headers['upgrade'] || '',
connection = headers['connection'] || '',
accept = headers['sec-websocket-accept'] || '',
protocol = headers['sec-websocket-protocol'] || '';
if (upgrade === '')
return this._failHandshake("'Upgrade' header is missing");
if (upgrade.toLowerCase() !== 'websocket')
return this._failHandshake("'Upgrade' header value is not 'WebSocket'");
if (connection === '')
return this._failHandshake("'Connection' header is missing");
if (connection.toLowerCase() !== 'upgrade')
return this._failHandshake("'Connection' header value is not 'Upgrade'");
if (accept !== this._accept)
return this._failHandshake('Sec-WebSocket-Accept mismatch');
this.protocol = null;
if (protocol !== '') {
if (this._protocols.indexOf(protocol) < 0)
return this._failHandshake('Sec-WebSocket-Protocol mismatch');
else
this.protocol = protocol;
}
try {
this._extensions.activate(this.headers['sec-websocket-extensions']);
} catch (e) {
return this._failHandshake(e.message);
}
}
};
for (var key in instance)
Client.prototype[key] = instance[key];
module.exports = Client;

123
node_modules/websocket-driver/lib/websocket/driver/draft75.js generated vendored Normal file
View File

@@ -0,0 +1,123 @@
'use strict';
var Buffer = require('safe-buffer').Buffer,
Base = require('./base'),
util = require('util');
var Draft75 = function(request, url, options) {
Base.apply(this, arguments);
this._stage = 0;
this.version = 'hixie-75';
this._headers.set('Upgrade', 'WebSocket');
this._headers.set('Connection', 'Upgrade');
this._headers.set('WebSocket-Origin', this._request.headers.origin);
this._headers.set('WebSocket-Location', this.url);
};
util.inherits(Draft75, Base);
var instance = {
close: function() {
if (this.readyState === 3) return false;
this.readyState = 3;
this.emit('close', new Base.CloseEvent(null, null));
return true;
},
parse: function(chunk) {
if (this.readyState > 1) return;
this._reader.put(chunk);
this._reader.eachByte(function(octet) {
var message;
switch (this._stage) {
case -1:
this._body.push(octet);
this._sendHandshakeBody();
break;
case 0:
this._parseLeadingByte(octet);
break;
case 1:
this._length = (octet & 0x7F) + 128 * this._length;
if (this._closing && this._length === 0) {
return this.close();
}
else if ((octet & 0x80) !== 0x80) {
if (this._length === 0) {
this._stage = 0;
}
else {
this._skipped = 0;
this._stage = 2;
}
}
break;
case 2:
if (octet === 0xFF) {
this._stage = 0;
message = Buffer.from(this._buffer).toString('utf8', 0, this._buffer.length);
this.emit('message', new Base.MessageEvent(message));
}
else {
if (this._length) {
this._skipped += 1;
if (this._skipped === this._length)
this._stage = 0;
} else {
this._buffer.push(octet);
if (this._buffer.length > this._maxLength) return this.close();
}
}
break;
}
}, this);
},
frame: function(buffer) {
if (this.readyState === 0) return this._queue([buffer]);
if (this.readyState > 1) return false;
if (typeof buffer !== 'string') buffer = buffer.toString();
var length = Buffer.byteLength(buffer),
frame = Buffer.allocUnsafe(length + 2);
frame[0] = 0x00;
frame.write(buffer, 1);
frame[frame.length - 1] = 0xFF;
this._write(frame);
return true;
},
_handshakeResponse: function() {
var start = 'HTTP/1.1 101 Web Socket Protocol Handshake',
headers = [start, this._headers.toString(), ''];
return Buffer.from(headers.join('\r\n'), 'utf8');
},
_parseLeadingByte: function(octet) {
if ((octet & 0x80) === 0x80) {
this._length = 0;
this._stage = 1;
} else {
delete this._length;
delete this._skipped;
this._buffer = [];
this._stage = 2;
}
}
};
for (var key in instance)
Draft75.prototype[key] = instance[key];
module.exports = Draft75;

117
node_modules/websocket-driver/lib/websocket/driver/draft76.js generated vendored Normal file
View File

@@ -0,0 +1,117 @@
'use strict';
var Buffer = require('safe-buffer').Buffer,
Base = require('./base'),
Draft75 = require('./draft75'),
crypto = require('crypto'),
util = require('util');
var numberFromKey = function(key) {
return parseInt((key.match(/[0-9]/g) || []).join(''), 10);
};
var spacesInKey = function(key) {
return (key.match(/ /g) || []).length;
};
var Draft76 = function(request, url, options) {
Draft75.apply(this, arguments);
this._stage = -1;
this._body = [];
this.version = 'hixie-76';
this._headers.clear();
this._headers.set('Upgrade', 'WebSocket');
this._headers.set('Connection', 'Upgrade');
this._headers.set('Sec-WebSocket-Origin', this._request.headers.origin);
this._headers.set('Sec-WebSocket-Location', this.url);
};
util.inherits(Draft76, Draft75);
var instance = {
BODY_SIZE: 8,
start: function() {
if (!Draft75.prototype.start.call(this)) return false;
this._started = true;
this._sendHandshakeBody();
return true;
},
close: function() {
if (this.readyState === 3) return false;
if (this.readyState === 1) this._write(Buffer.from([0xFF, 0x00]));
this.readyState = 3;
this.emit('close', new Base.CloseEvent(null, null));
return true;
},
_handshakeResponse: function() {
var headers = this._request.headers,
key1 = headers['sec-websocket-key1'],
key2 = headers['sec-websocket-key2'];
if (!key1) throw new Error('Missing required header: Sec-WebSocket-Key1');
if (!key2) throw new Error('Missing required header: Sec-WebSocket-Key2');
var number1 = numberFromKey(key1),
spaces1 = spacesInKey(key1),
number2 = numberFromKey(key2),
spaces2 = spacesInKey(key2);
if (number1 % spaces1 !== 0 || number2 % spaces2 !== 0)
throw new Error('Client sent invalid Sec-WebSocket-Key headers');
this._keyValues = [number1 / spaces1, number2 / spaces2];
var start = 'HTTP/1.1 101 WebSocket Protocol Handshake',
headers = [start, this._headers.toString(), ''];
return Buffer.from(headers.join('\r\n'), 'binary');
},
_handshakeSignature: function() {
if (this._body.length < this.BODY_SIZE) return null;
var md5 = crypto.createHash('md5'),
buffer = Buffer.allocUnsafe(8 + this.BODY_SIZE);
buffer.writeUInt32BE(this._keyValues[0], 0);
buffer.writeUInt32BE(this._keyValues[1], 4);
Buffer.from(this._body).copy(buffer, 8, 0, this.BODY_SIZE);
md5.update(buffer);
return Buffer.from(md5.digest('binary'), 'binary');
},
_sendHandshakeBody: function() {
if (!this._started) return;
var signature = this._handshakeSignature();
if (!signature) return;
this._write(signature);
this._stage = 0;
this._open();
if (this._body.length > this.BODY_SIZE)
this.parse(this._body.slice(this.BODY_SIZE));
},
_parseLeadingByte: function(octet) {
if (octet !== 0xFF)
return Draft75.prototype._parseLeadingByte.call(this, octet);
this._closing = true;
this._length = 0;
this._stage = 1;
}
};
for (var key in instance)
Draft76.prototype[key] = instance[key];
module.exports = Draft76;

35
node_modules/websocket-driver/lib/websocket/driver/headers.js generated vendored Normal file
View File

@@ -0,0 +1,35 @@
'use strict';
var Headers = function() {
this.clear();
};
Headers.prototype.ALLOWED_DUPLICATES = ['set-cookie', 'set-cookie2', 'warning', 'www-authenticate'];
Headers.prototype.clear = function() {
this._sent = {};
this._lines = [];
};
Headers.prototype.set = function(name, value) {
if (value === undefined) return;
name = this._strip(name);
value = this._strip(value);
var key = name.toLowerCase();
if (!this._sent.hasOwnProperty(key) || this.ALLOWED_DUPLICATES.indexOf(key) >= 0) {
this._sent[key] = true;
this._lines.push(name + ': ' + value + '\r\n');
}
};
Headers.prototype.toString = function() {
return this._lines.join('');
};
Headers.prototype._strip = function(string) {
return string.toString().replace(/^ */, '').replace(/ *$/, '');
};
module.exports = Headers;

483
node_modules/websocket-driver/lib/websocket/driver/hybi.js generated vendored Normal file
View File

@@ -0,0 +1,483 @@
'use strict';
var Buffer = require('safe-buffer').Buffer,
crypto = require('crypto'),
util = require('util'),
Extensions = require('websocket-extensions'),
Base = require('./base'),
Frame = require('./hybi/frame'),
Message = require('./hybi/message');
var Hybi = function(request, url, options) {
Base.apply(this, arguments);
this._extensions = new Extensions();
this._stage = 0;
this._masking = this._options.masking;
this._protocols = this._options.protocols || [];
this._requireMasking = this._options.requireMasking;
this._pingCallbacks = {};
if (typeof this._protocols === 'string')
this._protocols = this._protocols.split(/ *, */);
if (!this._request) return;
var protos = this._request.headers['sec-websocket-protocol'],
supported = this._protocols;
if (protos !== undefined) {
if (typeof protos === 'string') protos = protos.split(/ *, */);
this.protocol = protos.filter(function(p) { return supported.indexOf(p) >= 0 })[0];
}
this.version = 'hybi-' + Hybi.VERSION;
};
util.inherits(Hybi, Base);
Hybi.VERSION = '13';
Hybi.mask = function(payload, mask, offset) {
if (!mask || mask.length === 0) return payload;
offset = offset || 0;
for (var i = 0, n = payload.length - offset; i < n; i++) {
payload[offset + i] = payload[offset + i] ^ mask[i % 4];
}
return payload;
};
Hybi.generateAccept = function(key) {
var sha1 = crypto.createHash('sha1');
sha1.update(key + Hybi.GUID);
return sha1.digest('base64');
};
Hybi.GUID = '258EAFA5-E914-47DA-95CA-C5AB0DC85B11';
var instance = {
FIN: 0x80,
MASK: 0x80,
RSV1: 0x40,
RSV2: 0x20,
RSV3: 0x10,
OPCODE: 0x0F,
LENGTH: 0x7F,
OPCODES: {
continuation: 0,
text: 1,
binary: 2,
close: 8,
ping: 9,
pong: 10
},
OPCODE_CODES: [0, 1, 2, 8, 9, 10],
MESSAGE_OPCODES: [0, 1, 2],
OPENING_OPCODES: [1, 2],
ERRORS: {
normal_closure: 1000,
going_away: 1001,
protocol_error: 1002,
unacceptable: 1003,
encoding_error: 1007,
policy_violation: 1008,
too_large: 1009,
extension_error: 1010,
unexpected_condition: 1011
},
ERROR_CODES: [1000, 1001, 1002, 1003, 1007, 1008, 1009, 1010, 1011],
DEFAULT_ERROR_CODE: 1000,
MIN_RESERVED_ERROR: 3000,
MAX_RESERVED_ERROR: 4999,
// http://www.w3.org/International/questions/qa-forms-utf-8.en.php
UTF8_MATCH: /^([\x00-\x7F]|[\xC2-\xDF][\x80-\xBF]|\xE0[\xA0-\xBF][\x80-\xBF]|[\xE1-\xEC\xEE\xEF][\x80-\xBF]{2}|\xED[\x80-\x9F][\x80-\xBF]|\xF0[\x90-\xBF][\x80-\xBF]{2}|[\xF1-\xF3][\x80-\xBF]{3}|\xF4[\x80-\x8F][\x80-\xBF]{2})*$/,
addExtension: function(extension) {
this._extensions.add(extension);
return true;
},
parse: function(chunk) {
this._reader.put(chunk);
var buffer = true;
while (buffer) {
switch (this._stage) {
case 0:
buffer = this._reader.read(1);
if (buffer) this._parseOpcode(buffer[0]);
break;
case 1:
buffer = this._reader.read(1);
if (buffer) this._parseLength(buffer[0]);
break;
case 2:
buffer = this._reader.read(this._frame.lengthBytes);
if (buffer) this._parseExtendedLength(buffer);
break;
case 3:
buffer = this._reader.read(4);
if (buffer) {
this._stage = 4;
this._frame.maskingKey = buffer;
}
break;
case 4:
buffer = this._reader.read(this._frame.length);
if (buffer) {
this._stage = 0;
this._emitFrame(buffer);
}
break;
default:
buffer = null;
}
}
},
text: function(message) {
if (this.readyState > 1) return false;
return this.frame(message, 'text');
},
binary: function(message) {
if (this.readyState > 1) return false;
return this.frame(message, 'binary');
},
ping: function(message, callback) {
if (this.readyState > 1) return false;
message = message || '';
if (callback) this._pingCallbacks[message] = callback;
return this.frame(message, 'ping');
},
pong: function(message) {
if (this.readyState > 1) return false;
message = message ||'';
return this.frame(message, 'pong');
},
close: function(reason, code) {
reason = reason || '';
code = code || this.ERRORS.normal_closure;
if (this.readyState <= 0) {
this.readyState = 3;
this.emit('close', new Base.CloseEvent(code, reason));
return true;
} else if (this.readyState === 1) {
this.readyState = 2;
this._extensions.close(function() { this.frame(reason, 'close', code) }, this);
return true;
} else {
return false;
}
},
frame: function(buffer, type, code) {
if (this.readyState <= 0) return this._queue([buffer, type, code]);
if (this.readyState > 2) return false;
if (buffer instanceof Array) buffer = Buffer.from(buffer);
if (typeof buffer === 'number') buffer = buffer.toString();
var message = new Message(),
isText = (typeof buffer === 'string'),
payload, copy;
message.rsv1 = message.rsv2 = message.rsv3 = false;
message.opcode = this.OPCODES[type || (isText ? 'text' : 'binary')];
payload = isText ? Buffer.from(buffer, 'utf8') : buffer;
if (code) {
copy = payload;
payload = Buffer.allocUnsafe(2 + copy.length);
payload.writeUInt16BE(code, 0);
copy.copy(payload, 2);
}
message.data = payload;
var onMessageReady = function(message) {
var frame = new Frame();
frame.final = true;
frame.rsv1 = message.rsv1;
frame.rsv2 = message.rsv2;
frame.rsv3 = message.rsv3;
frame.opcode = message.opcode;
frame.masked = !!this._masking;
frame.length = message.data.length;
frame.payload = message.data;
if (frame.masked) frame.maskingKey = crypto.randomBytes(4);
this._sendFrame(frame);
};
if (this.MESSAGE_OPCODES.indexOf(message.opcode) >= 0)
this._extensions.processOutgoingMessage(message, function(error, message) {
if (error) return this._fail('extension_error', error.message);
onMessageReady.call(this, message);
}, this);
else
onMessageReady.call(this, message);
return true;
},
_sendFrame: function(frame) {
var length = frame.length,
header = (length <= 125) ? 2 : (length <= 65535 ? 4 : 10),
offset = header + (frame.masked ? 4 : 0),
buffer = Buffer.allocUnsafe(offset + length),
masked = frame.masked ? this.MASK : 0;
buffer[0] = (frame.final ? this.FIN : 0) |
(frame.rsv1 ? this.RSV1 : 0) |
(frame.rsv2 ? this.RSV2 : 0) |
(frame.rsv3 ? this.RSV3 : 0) |
frame.opcode;
if (length <= 125) {
buffer[1] = masked | length;
} else if (length <= 65535) {
buffer[1] = masked | 126;
buffer.writeUInt16BE(length, 2);
} else {
buffer[1] = masked | 127;
buffer.writeUInt32BE(Math.floor(length / 0x100000000), 2);
buffer.writeUInt32BE(length % 0x100000000, 6);
}
frame.payload.copy(buffer, offset);
if (frame.masked) {
frame.maskingKey.copy(buffer, header);
Hybi.mask(buffer, frame.maskingKey, offset);
}
this._write(buffer);
},
_handshakeResponse: function() {
var secKey = this._request.headers['sec-websocket-key'],
version = this._request.headers['sec-websocket-version'];
if (version !== Hybi.VERSION)
throw new Error('Unsupported WebSocket version: ' + version);
if (typeof secKey !== 'string')
throw new Error('Missing handshake request header: Sec-WebSocket-Key');
this._headers.set('Upgrade', 'websocket');
this._headers.set('Connection', 'Upgrade');
this._headers.set('Sec-WebSocket-Accept', Hybi.generateAccept(secKey));
if (this.protocol) this._headers.set('Sec-WebSocket-Protocol', this.protocol);
var extensions = this._extensions.generateResponse(this._request.headers['sec-websocket-extensions']);
if (extensions) this._headers.set('Sec-WebSocket-Extensions', extensions);
var start = 'HTTP/1.1 101 Switching Protocols',
headers = [start, this._headers.toString(), ''];
return Buffer.from(headers.join('\r\n'), 'utf8');
},
_shutdown: function(code, reason, error) {
delete this._frame;
delete this._message;
this._stage = 5;
var sendCloseFrame = (this.readyState === 1);
this.readyState = 2;
this._extensions.close(function() {
if (sendCloseFrame) this.frame(reason, 'close', code);
this.readyState = 3;
if (error) this.emit('error', new Error(reason));
this.emit('close', new Base.CloseEvent(code, reason));
}, this);
},
_fail: function(type, message) {
if (this.readyState > 1) return;
this._shutdown(this.ERRORS[type], message, true);
},
_parseOpcode: function(octet) {
var rsvs = [this.RSV1, this.RSV2, this.RSV3].map(function(rsv) {
return (octet & rsv) === rsv;
});
var frame = this._frame = new Frame();
frame.final = (octet & this.FIN) === this.FIN;
frame.rsv1 = rsvs[0];
frame.rsv2 = rsvs[1];
frame.rsv3 = rsvs[2];
frame.opcode = (octet & this.OPCODE);
this._stage = 1;
if (!this._extensions.validFrameRsv(frame))
return this._fail('protocol_error',
'One or more reserved bits are on: reserved1 = ' + (frame.rsv1 ? 1 : 0) +
', reserved2 = ' + (frame.rsv2 ? 1 : 0) +
', reserved3 = ' + (frame.rsv3 ? 1 : 0));
if (this.OPCODE_CODES.indexOf(frame.opcode) < 0)
return this._fail('protocol_error', 'Unrecognized frame opcode: ' + frame.opcode);
if (this.MESSAGE_OPCODES.indexOf(frame.opcode) < 0 && !frame.final)
return this._fail('protocol_error', 'Received fragmented control frame: opcode = ' + frame.opcode);
if (this._message && this.OPENING_OPCODES.indexOf(frame.opcode) >= 0)
return this._fail('protocol_error', 'Received new data frame but previous continuous frame is unfinished');
},
_parseLength: function(octet) {
var frame = this._frame;
frame.masked = (octet & this.MASK) === this.MASK;
frame.length = (octet & this.LENGTH);
if (frame.length >= 0 && frame.length <= 125) {
this._stage = frame.masked ? 3 : 4;
if (!this._checkFrameLength()) return;
} else {
this._stage = 2;
frame.lengthBytes = (frame.length === 126 ? 2 : 8);
}
if (this._requireMasking && !frame.masked)
return this._fail('unacceptable', 'Received unmasked frame but masking is required');
},
_parseExtendedLength: function(buffer) {
var frame = this._frame;
frame.length = this._readUInt(buffer);
this._stage = frame.masked ? 3 : 4;
if (this.MESSAGE_OPCODES.indexOf(frame.opcode) < 0 && frame.length > 125)
return this._fail('protocol_error', 'Received control frame having too long payload: ' + frame.length);
if (!this._checkFrameLength()) return;
},
_checkFrameLength: function() {
var length = this._message ? this._message.length : 0;
if (length + this._frame.length > this._maxLength) {
this._fail('too_large', 'WebSocket frame length too large');
return false;
} else {
return true;
}
},
_emitFrame: function(buffer) {
var frame = this._frame,
payload = frame.payload = Hybi.mask(buffer, frame.maskingKey),
opcode = frame.opcode,
message,
code, reason,
callbacks, callback;
delete this._frame;
if (opcode === this.OPCODES.continuation) {
if (!this._message) return this._fail('protocol_error', 'Received unexpected continuation frame');
this._message.pushFrame(frame);
}
if (opcode === this.OPCODES.text || opcode === this.OPCODES.binary) {
this._message = new Message();
this._message.pushFrame(frame);
}
if (frame.final && this.MESSAGE_OPCODES.indexOf(opcode) >= 0)
return this._emitMessage(this._message);
if (opcode === this.OPCODES.close) {
code = (payload.length >= 2) ? payload.readUInt16BE(0) : null;
reason = (payload.length > 2) ? this._encode(payload.slice(2)) : null;
if (!(payload.length === 0) &&
!(code !== null && code >= this.MIN_RESERVED_ERROR && code <= this.MAX_RESERVED_ERROR) &&
this.ERROR_CODES.indexOf(code) < 0)
code = this.ERRORS.protocol_error;
if (payload.length > 125 || (payload.length > 2 && !reason))
code = this.ERRORS.protocol_error;
this._shutdown(code || this.DEFAULT_ERROR_CODE, reason || '');
}
if (opcode === this.OPCODES.ping) {
this.frame(payload, 'pong');
this.emit('ping', new Base.PingEvent(payload.toString()))
}
if (opcode === this.OPCODES.pong) {
callbacks = this._pingCallbacks;
message = this._encode(payload);
callback = callbacks[message];
delete callbacks[message];
if (callback) callback()
this.emit('pong', new Base.PongEvent(payload.toString()))
}
},
_emitMessage: function(message) {
var message = this._message;
message.read();
delete this._message;
this._extensions.processIncomingMessage(message, function(error, message) {
if (error) return this._fail('extension_error', error.message);
var payload = message.data;
if (message.opcode === this.OPCODES.text) payload = this._encode(payload);
if (payload === null)
return this._fail('encoding_error', 'Could not decode a text frame as UTF-8');
else
this.emit('message', new Base.MessageEvent(payload));
}, this);
},
_encode: function(buffer) {
try {
var string = buffer.toString('binary', 0, buffer.length);
if (!this.UTF8_MATCH.test(string)) return null;
} catch (e) {}
return buffer.toString('utf8', 0, buffer.length);
},
_readUInt: function(buffer) {
if (buffer.length === 2) return buffer.readUInt16BE(0);
return buffer.readUInt32BE(0) * 0x100000000 +
buffer.readUInt32BE(4);
}
};
for (var key in instance)
Hybi.prototype[key] = instance[key];
module.exports = Hybi;

21
node_modules/websocket-driver/lib/websocket/driver/hybi/frame.js generated vendored Normal file
View File

@@ -0,0 +1,21 @@
'use strict';
var Frame = function() {};
var instance = {
final: false,
rsv1: false,
rsv2: false,
rsv3: false,
opcode: null,
masked: false,
maskingKey: null,
lengthBytes: 1,
length: 0,
payload: null
};
for (var key in instance)
Frame.prototype[key] = instance[key];
module.exports = Frame;

34
node_modules/websocket-driver/lib/websocket/driver/hybi/message.js generated vendored Normal file
View File

@@ -0,0 +1,34 @@
'use strict';
var Buffer = require('safe-buffer').Buffer;
var Message = function() {
this.rsv1 = false;
this.rsv2 = false;
this.rsv3 = false;
this.opcode = null;
this.length = 0;
this._chunks = [];
};
var instance = {
read: function() {
return this.data = this.data || Buffer.concat(this._chunks, this.length);
},
pushFrame: function(frame) {
this.rsv1 = this.rsv1 || frame.rsv1;
this.rsv2 = this.rsv2 || frame.rsv2;
this.rsv3 = this.rsv3 || frame.rsv3;
if (this.opcode === null) this.opcode = frame.opcode;
this._chunks.push(frame.payload);
this.length += frame.length;
}
};
for (var key in instance)
Message.prototype[key] = instance[key];
module.exports = Message;

99
node_modules/websocket-driver/lib/websocket/driver/proxy.js generated vendored Normal file
View File

@@ -0,0 +1,99 @@
'use strict';
var Buffer = require('safe-buffer').Buffer,
Stream = require('stream').Stream,
url = require('url'),
util = require('util'),
Base = require('./base'),
Headers = require('./headers'),
HttpParser = require('../http_parser');
var PORTS = { 'ws:': 80, 'wss:': 443 };
var Proxy = function(client, origin, options) {
this._client = client;
this._http = new HttpParser('response');
this._origin = (typeof client.url === 'object') ? client.url : url.parse(client.url);
this._url = (typeof origin === 'object') ? origin : url.parse(origin);
this._options = options || {};
this._state = 0;
this.readable = this.writable = true;
this._paused = false;
this._headers = new Headers();
this._headers.set('Host', this._origin.host);
this._headers.set('Connection', 'keep-alive');
this._headers.set('Proxy-Connection', 'keep-alive');
var auth = this._url.auth && Buffer.from(this._url.auth, 'utf8').toString('base64');
if (auth) this._headers.set('Proxy-Authorization', 'Basic ' + auth);
};
util.inherits(Proxy, Stream);
var instance = {
setHeader: function(name, value) {
if (this._state !== 0) return false;
this._headers.set(name, value);
return true;
},
start: function() {
if (this._state !== 0) return false;
this._state = 1;
var origin = this._origin,
port = origin.port || PORTS[origin.protocol],
start = 'CONNECT ' + origin.hostname + ':' + port + ' HTTP/1.1';
var headers = [start, this._headers.toString(), ''];
this.emit('data', Buffer.from(headers.join('\r\n'), 'utf8'));
return true;
},
pause: function() {
this._paused = true;
},
resume: function() {
this._paused = false;
this.emit('drain');
},
write: function(chunk) {
if (!this.writable) return false;
this._http.parse(chunk);
if (!this._http.isComplete()) return !this._paused;
this.statusCode = this._http.statusCode;
this.headers = this._http.headers;
if (this.statusCode === 200) {
this.emit('connect', new Base.ConnectEvent());
} else {
var message = "Can't establish a connection to the server at " + this._origin.href;
this.emit('error', new Error(message));
}
this.end();
return !this._paused;
},
end: function(chunk) {
if (!this.writable) return;
if (chunk !== undefined) this.write(chunk);
this.readable = this.writable = false;
this.emit('close');
this.emit('end');
},
destroy: function() {
this.end();
}
};
for (var key in instance)
Proxy.prototype[key] = instance[key];
module.exports = Proxy;

112
node_modules/websocket-driver/lib/websocket/driver/server.js generated vendored Normal file
View File

@@ -0,0 +1,112 @@
'use strict';
var util = require('util'),
HttpParser = require('../http_parser'),
Base = require('./base'),
Draft75 = require('./draft75'),
Draft76 = require('./draft76'),
Hybi = require('./hybi');
var Server = function(options) {
Base.call(this, null, null, options);
this._http = new HttpParser('request');
};
util.inherits(Server, Base);
var instance = {
EVENTS: ['open', 'message', 'error', 'close', 'ping', 'pong'],
_bindEventListeners: function() {
this.messages.on('error', function() {});
this.on('error', function() {});
},
parse: function(chunk) {
if (this._delegate) return this._delegate.parse(chunk);
this._http.parse(chunk);
if (!this._http.isComplete()) return;
this.method = this._http.method;
this.url = this._http.url;
this.headers = this._http.headers;
this.body = this._http.body;
var self = this;
this._delegate = Server.http(this, this._options);
this._delegate.messages = this.messages;
this._delegate.io = this.io;
this._open();
this.EVENTS.forEach(function(event) {
this._delegate.on(event, function(e) { self.emit(event, e) });
}, this);
this.protocol = this._delegate.protocol;
this.version = this._delegate.version;
this.parse(this._http.body);
this.emit('connect', new Base.ConnectEvent());
},
_open: function() {
this.__queue.forEach(function(msg) {
this._delegate[msg[0]].apply(this._delegate, msg[1]);
}, this);
this.__queue = [];
}
};
['addExtension', 'setHeader', 'start', 'frame', 'text', 'binary', 'ping', 'close'].forEach(function(method) {
instance[method] = function() {
if (this._delegate) {
return this._delegate[method].apply(this._delegate, arguments);
} else {
this.__queue.push([method, arguments]);
return true;
}
};
});
for (var key in instance)
Server.prototype[key] = instance[key];
Server.isSecureRequest = function(request) {
if (request.connection && request.connection.authorized !== undefined) return true;
if (request.socket && request.socket.secure) return true;
var headers = request.headers;
if (!headers) return false;
if (headers['https'] === 'on') return true;
if (headers['x-forwarded-ssl'] === 'on') return true;
if (headers['x-forwarded-scheme'] === 'https') return true;
if (headers['x-forwarded-proto'] === 'https') return true;
return false;
};
Server.determineUrl = function(request) {
var scheme = this.isSecureRequest(request) ? 'wss:' : 'ws:';
return scheme + '//' + request.headers.host + request.url;
};
Server.http = function(request, options) {
options = options || {};
if (options.requireMasking === undefined) options.requireMasking = true;
var headers = request.headers,
version = headers['sec-websocket-version'],
key = headers['sec-websocket-key'],
key1 = headers['sec-websocket-key1'],
key2 = headers['sec-websocket-key2'],
url = this.determineUrl(request);
if (version || key)
return new Hybi(request, url, options);
else if (key1 || key2)
return new Draft76(request, url, options);
else
return new Draft75(request, url, options);
};
module.exports = Server;

69
node_modules/websocket-driver/lib/websocket/driver/stream_reader.js generated vendored Normal file
View File

@@ -0,0 +1,69 @@
'use strict';
var Buffer = require('safe-buffer').Buffer;
var StreamReader = function() {
this._queue = [];
this._queueSize = 0;
this._offset = 0;
};
StreamReader.prototype.put = function(buffer) {
if (!buffer || buffer.length === 0) return;
if (!Buffer.isBuffer(buffer)) buffer = Buffer.from(buffer);
this._queue.push(buffer);
this._queueSize += buffer.length;
};
StreamReader.prototype.read = function(length) {
if (length > this._queueSize) return null;
if (length === 0) return Buffer.alloc(0);
this._queueSize -= length;
var queue = this._queue,
remain = length,
first = queue[0],
buffers, buffer;
if (first.length >= length) {
if (first.length === length) {
return queue.shift();
} else {
buffer = first.slice(0, length);
queue[0] = first.slice(length);
return buffer;
}
}
for (var i = 0, n = queue.length; i < n; i++) {
if (remain < queue[i].length) break;
remain -= queue[i].length;
}
buffers = queue.splice(0, i);
if (remain > 0 && queue.length > 0) {
buffers.push(queue[0].slice(0, remain));
queue[0] = queue[0].slice(remain);
}
return Buffer.concat(buffers, length);
};
StreamReader.prototype.eachByte = function(callback, context) {
var buffer, n, index;
while (this._queue.length > 0) {
buffer = this._queue[0];
n = buffer.length;
while (this._offset < n) {
index = this._offset;
this._offset += 1;
callback.call(context, buffer[index]);
}
this._offset = 0;
this._queue.shift();
}
};
module.exports = StreamReader;

135
node_modules/websocket-driver/lib/websocket/http_parser.js generated vendored Normal file
View File

@@ -0,0 +1,135 @@
'use strict';
var NodeHTTPParser = require('http-parser-js').HTTPParser,
Buffer = require('safe-buffer').Buffer;
var TYPES = {
request: NodeHTTPParser.REQUEST || 'request',
response: NodeHTTPParser.RESPONSE || 'response'
};
var HttpParser = function(type) {
this._type = type;
this._parser = new NodeHTTPParser(TYPES[type]);
this._complete = false;
this.headers = {};
var current = null,
self = this;
this._parser.onHeaderField = function(b, start, length) {
current = b.toString('utf8', start, start + length).toLowerCase();
};
this._parser.onHeaderValue = function(b, start, length) {
var value = b.toString('utf8', start, start + length);
if (self.headers.hasOwnProperty(current))
self.headers[current] += ', ' + value;
else
self.headers[current] = value;
};
this._parser.onHeadersComplete = this._parser[NodeHTTPParser.kOnHeadersComplete] =
function(majorVersion, minorVersion, headers, method, pathname, statusCode) {
var info = arguments[0];
if (typeof info === 'object') {
method = info.method;
pathname = info.url;
statusCode = info.statusCode;
headers = info.headers;
}
self.method = (typeof method === 'number') ? HttpParser.METHODS[method] : method;
self.statusCode = statusCode;
self.url = pathname;
if (!headers) return;
for (var i = 0, n = headers.length, key, value; i < n; i += 2) {
key = headers[i].toLowerCase();
value = headers[i+1];
if (self.headers.hasOwnProperty(key))
self.headers[key] += ', ' + value;
else
self.headers[key] = value;
}
self._complete = true;
};
};
HttpParser.METHODS = {
0: 'DELETE',
1: 'GET',
2: 'HEAD',
3: 'POST',
4: 'PUT',
5: 'CONNECT',
6: 'OPTIONS',
7: 'TRACE',
8: 'COPY',
9: 'LOCK',
10: 'MKCOL',
11: 'MOVE',
12: 'PROPFIND',
13: 'PROPPATCH',
14: 'SEARCH',
15: 'UNLOCK',
16: 'BIND',
17: 'REBIND',
18: 'UNBIND',
19: 'ACL',
20: 'REPORT',
21: 'MKACTIVITY',
22: 'CHECKOUT',
23: 'MERGE',
24: 'M-SEARCH',
25: 'NOTIFY',
26: 'SUBSCRIBE',
27: 'UNSUBSCRIBE',
28: 'PATCH',
29: 'PURGE',
30: 'MKCALENDAR',
31: 'LINK',
32: 'UNLINK'
};
var VERSION = process.version
? process.version.match(/[0-9]+/g).map(function(n) { return parseInt(n, 10) })
: [];
if (VERSION[0] === 0 && VERSION[1] === 12) {
HttpParser.METHODS[16] = 'REPORT';
HttpParser.METHODS[17] = 'MKACTIVITY';
HttpParser.METHODS[18] = 'CHECKOUT';
HttpParser.METHODS[19] = 'MERGE';
HttpParser.METHODS[20] = 'M-SEARCH';
HttpParser.METHODS[21] = 'NOTIFY';
HttpParser.METHODS[22] = 'SUBSCRIBE';
HttpParser.METHODS[23] = 'UNSUBSCRIBE';
HttpParser.METHODS[24] = 'PATCH';
HttpParser.METHODS[25] = 'PURGE';
}
HttpParser.prototype.isComplete = function() {
return this._complete;
};
HttpParser.prototype.parse = function(chunk) {
var consumed = this._parser.execute(chunk, 0, chunk.length);
if (typeof consumed !== 'number') {
this.error = consumed;
this._complete = true;
return;
}
if (this._complete)
this.body = (consumed < chunk.length)
? chunk.slice(consumed)
: Buffer.alloc(0);
};
module.exports = HttpParser;

146
node_modules/websocket-driver/lib/websocket/streams.js generated vendored Normal file
View File

@@ -0,0 +1,146 @@
'use strict';
/**
Streams in a WebSocket connection
---------------------------------
We model a WebSocket as two duplex streams: one stream is for the wire protocol
over an I/O socket, and the other is for incoming/outgoing messages.
+----------+ +---------+ +----------+
[1] write(chunk) -->| ~~~~~~~~ +----->| parse() +----->| ~~~~~~~~ +--> emit('data') [2]
| | +----+----+ | |
| | | | |
| IO | | [5] | Messages |
| | V | |
| | +---------+ | |
[4] emit('data') <--+ ~~~~~~~~ |<-----+ frame() |<-----+ ~~~~~~~~ |<-- write(chunk) [3]
+----------+ +---------+ +----------+
Message transfer in each direction is simple: IO receives a byte stream [1] and
sends this stream for parsing. The parser will periodically emit a complete
message text on the Messages stream [2]. Similarly, when messages are written
to the Messages stream [3], they are framed using the WebSocket wire format and
emitted via IO [4].
There is a feedback loop via [5] since some input from [1] will be things like
ping, pong and close frames. In these cases the protocol responds by emitting
responses directly back to [4] rather than emitting messages via [2].
For the purposes of flow control, we consider the sources of each Readable
stream to be as follows:
* [2] receives input from [1]
* [4] receives input from [1] and [3]
The classes below express the relationships described above without prescribing
anything about how parse() and frame() work, other than assuming they emit
'data' events to the IO and Messages streams. They will work with any protocol
driver having these two methods.
**/
var Stream = require('stream').Stream,
util = require('util');
var IO = function(driver) {
this.readable = this.writable = true;
this._paused = false;
this._driver = driver;
};
util.inherits(IO, Stream);
// The IO pause() and resume() methods will be called when the socket we are
// piping to gets backed up and drains. Since IO output [4] comes from IO input
// [1] and Messages input [3], we need to tell both of those to return false
// from write() when this stream is paused.
IO.prototype.pause = function() {
this._paused = true;
this._driver.messages._paused = true;
};
IO.prototype.resume = function() {
this._paused = false;
this.emit('drain');
var messages = this._driver.messages;
messages._paused = false;
messages.emit('drain');
};
// When we receive input from a socket, send it to the parser and tell the
// source whether to back off.
IO.prototype.write = function(chunk) {
if (!this.writable) return false;
this._driver.parse(chunk);
return !this._paused;
};
// The IO end() method will be called when the socket piping into it emits
// 'close' or 'end', i.e. the socket is closed. In this situation the Messages
// stream will not emit any more data so we emit 'end'.
IO.prototype.end = function(chunk) {
if (!this.writable) return;
if (chunk !== undefined) this.write(chunk);
this.writable = false;
var messages = this._driver.messages;
if (messages.readable) {
messages.readable = messages.writable = false;
messages.emit('end');
}
};
IO.prototype.destroy = function() {
this.end();
};
var Messages = function(driver) {
this.readable = this.writable = true;
this._paused = false;
this._driver = driver;
};
util.inherits(Messages, Stream);
// The Messages pause() and resume() methods will be called when the app that's
// processing the messages gets backed up and drains. If we're emitting
// messages too fast we should tell the source to slow down. Message output [2]
// comes from IO input [1].
Messages.prototype.pause = function() {
this._driver.io._paused = true;
};
Messages.prototype.resume = function() {
this._driver.io._paused = false;
this._driver.io.emit('drain');
};
// When we receive messages from the user, send them to the formatter and tell
// the source whether to back off.
Messages.prototype.write = function(message) {
if (!this.writable) return false;
if (typeof message === 'string') this._driver.text(message);
else this._driver.binary(message);
return !this._paused;
};
// The Messages end() method will be called when a stream piping into it emits
// 'end'. Many streams may be piped into the WebSocket and one of them ending
// does not mean the whole socket is done, so just process the input and move
// on leaving the socket open.
Messages.prototype.end = function(message) {
if (message !== undefined) this.write(message);
};
Messages.prototype.destroy = function() {};
exports.IO = IO;
exports.Messages = Messages;

21
node_modules/websocket-driver/node_modules/safe-buffer/LICENSE generated vendored Normal file
View File

@@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) Feross Aboukhadijeh
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

584
node_modules/websocket-driver/node_modules/safe-buffer/README.md generated vendored Normal file
View File

@@ -0,0 +1,584 @@
# safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url]
[travis-image]: https://img.shields.io/travis/feross/safe-buffer/master.svg
[travis-url]: https://travis-ci.org/feross/safe-buffer
[npm-image]: https://img.shields.io/npm/v/safe-buffer.svg
[npm-url]: https://npmjs.org/package/safe-buffer
[downloads-image]: https://img.shields.io/npm/dm/safe-buffer.svg
[downloads-url]: https://npmjs.org/package/safe-buffer
[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg
[standard-url]: https://standardjs.com
#### Safer Node.js Buffer API
**Use the new Node.js Buffer APIs (`Buffer.from`, `Buffer.alloc`,
`Buffer.allocUnsafe`, `Buffer.allocUnsafeSlow`) in all versions of Node.js.**
**Uses the built-in implementation when available.**
## install
```
npm install safe-buffer
```
## usage
The goal of this package is to provide a safe replacement for the node.js `Buffer`.
It's a drop-in replacement for `Buffer`. You can use it by adding one `require` line to
the top of your node.js modules:
```js
var Buffer = require('safe-buffer').Buffer
// Existing buffer code will continue to work without issues:
new Buffer('hey', 'utf8')
new Buffer([1, 2, 3], 'utf8')
new Buffer(obj)
new Buffer(16) // create an uninitialized buffer (potentially unsafe)
// But you can use these new explicit APIs to make clear what you want:
Buffer.from('hey', 'utf8') // convert from many types to a Buffer
Buffer.alloc(16) // create a zero-filled buffer (safe)
Buffer.allocUnsafe(16) // create an uninitialized buffer (potentially unsafe)
```
## api
### Class Method: Buffer.from(array)
<!-- YAML
added: v3.0.0
-->
* `array` {Array}
Allocates a new `Buffer` using an `array` of octets.
```js
const buf = Buffer.from([0x62,0x75,0x66,0x66,0x65,0x72]);
// creates a new Buffer containing ASCII bytes
// ['b','u','f','f','e','r']
```
A `TypeError` will be thrown if `array` is not an `Array`.
### Class Method: Buffer.from(arrayBuffer[, byteOffset[, length]])
<!-- YAML
added: v5.10.0
-->
* `arrayBuffer` {ArrayBuffer} The `.buffer` property of a `TypedArray` or
a `new ArrayBuffer()`
* `byteOffset` {Number} Default: `0`
* `length` {Number} Default: `arrayBuffer.length - byteOffset`
When passed a reference to the `.buffer` property of a `TypedArray` instance,
the newly created `Buffer` will share the same allocated memory as the
TypedArray.
```js
const arr = new Uint16Array(2);
arr[0] = 5000;
arr[1] = 4000;
const buf = Buffer.from(arr.buffer); // shares the memory with arr;
console.log(buf);
// Prints: <Buffer 88 13 a0 0f>
// changing the TypedArray changes the Buffer also
arr[1] = 6000;
console.log(buf);
// Prints: <Buffer 88 13 70 17>
```
The optional `byteOffset` and `length` arguments specify a memory range within
the `arrayBuffer` that will be shared by the `Buffer`.
```js
const ab = new ArrayBuffer(10);
const buf = Buffer.from(ab, 0, 2);
console.log(buf.length);
// Prints: 2
```
A `TypeError` will be thrown if `arrayBuffer` is not an `ArrayBuffer`.
### Class Method: Buffer.from(buffer)
<!-- YAML
added: v3.0.0
-->
* `buffer` {Buffer}
Copies the passed `buffer` data onto a new `Buffer` instance.
```js
const buf1 = Buffer.from('buffer');
const buf2 = Buffer.from(buf1);
buf1[0] = 0x61;
console.log(buf1.toString());
// 'auffer'
console.log(buf2.toString());
// 'buffer' (copy is not changed)
```
A `TypeError` will be thrown if `buffer` is not a `Buffer`.
### Class Method: Buffer.from(str[, encoding])
<!-- YAML
added: v5.10.0
-->
* `str` {String} String to encode.
* `encoding` {String} Encoding to use, Default: `'utf8'`
Creates a new `Buffer` containing the given JavaScript string `str`. If
provided, the `encoding` parameter identifies the character encoding.
If not provided, `encoding` defaults to `'utf8'`.
```js
const buf1 = Buffer.from('this is a tést');
console.log(buf1.toString());
// prints: this is a tést
console.log(buf1.toString('ascii'));
// prints: this is a tC)st
const buf2 = Buffer.from('7468697320697320612074c3a97374', 'hex');
console.log(buf2.toString());
// prints: this is a tést
```
A `TypeError` will be thrown if `str` is not a string.
### Class Method: Buffer.alloc(size[, fill[, encoding]])
<!-- YAML
added: v5.10.0
-->
* `size` {Number}
* `fill` {Value} Default: `undefined`
* `encoding` {String} Default: `utf8`
Allocates a new `Buffer` of `size` bytes. If `fill` is `undefined`, the
`Buffer` will be *zero-filled*.
```js
const buf = Buffer.alloc(5);
console.log(buf);
// <Buffer 00 00 00 00 00>
```
The `size` must be less than or equal to the value of
`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is
`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will
be created if a `size` less than or equal to 0 is specified.
If `fill` is specified, the allocated `Buffer` will be initialized by calling
`buf.fill(fill)`. See [`buf.fill()`][] for more information.
```js
const buf = Buffer.alloc(5, 'a');
console.log(buf);
// <Buffer 61 61 61 61 61>
```
If both `fill` and `encoding` are specified, the allocated `Buffer` will be
initialized by calling `buf.fill(fill, encoding)`. For example:
```js
const buf = Buffer.alloc(11, 'aGVsbG8gd29ybGQ=', 'base64');
console.log(buf);
// <Buffer 68 65 6c 6c 6f 20 77 6f 72 6c 64>
```
Calling `Buffer.alloc(size)` can be significantly slower than the alternative
`Buffer.allocUnsafe(size)` but ensures that the newly created `Buffer` instance
contents will *never contain sensitive data*.
A `TypeError` will be thrown if `size` is not a number.
### Class Method: Buffer.allocUnsafe(size)
<!-- YAML
added: v5.10.0
-->
* `size` {Number}
Allocates a new *non-zero-filled* `Buffer` of `size` bytes. The `size` must
be less than or equal to the value of `require('buffer').kMaxLength` (on 64-bit
architectures, `kMaxLength` is `(2^31)-1`). Otherwise, a [`RangeError`][] is
thrown. A zero-length Buffer will be created if a `size` less than or equal to
0 is specified.
The underlying memory for `Buffer` instances created in this way is *not
initialized*. The contents of the newly created `Buffer` are unknown and
*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such
`Buffer` instances to zeroes.
```js
const buf = Buffer.allocUnsafe(5);
console.log(buf);
// <Buffer 78 e0 82 02 01>
// (octets will be different, every time)
buf.fill(0);
console.log(buf);
// <Buffer 00 00 00 00 00>
```
A `TypeError` will be thrown if `size` is not a number.
Note that the `Buffer` module pre-allocates an internal `Buffer` instance of
size `Buffer.poolSize` that is used as a pool for the fast allocation of new
`Buffer` instances created using `Buffer.allocUnsafe(size)` (and the deprecated
`new Buffer(size)` constructor) only when `size` is less than or equal to
`Buffer.poolSize >> 1` (floor of `Buffer.poolSize` divided by two). The default
value of `Buffer.poolSize` is `8192` but can be modified.
Use of this pre-allocated internal memory pool is a key difference between
calling `Buffer.alloc(size, fill)` vs. `Buffer.allocUnsafe(size).fill(fill)`.
Specifically, `Buffer.alloc(size, fill)` will *never* use the internal Buffer
pool, while `Buffer.allocUnsafe(size).fill(fill)` *will* use the internal
Buffer pool if `size` is less than or equal to half `Buffer.poolSize`. The
difference is subtle but can be important when an application requires the
additional performance that `Buffer.allocUnsafe(size)` provides.
### Class Method: Buffer.allocUnsafeSlow(size)
<!-- YAML
added: v5.10.0
-->
* `size` {Number}
Allocates a new *non-zero-filled* and non-pooled `Buffer` of `size` bytes. The
`size` must be less than or equal to the value of
`require('buffer').kMaxLength` (on 64-bit architectures, `kMaxLength` is
`(2^31)-1`). Otherwise, a [`RangeError`][] is thrown. A zero-length Buffer will
be created if a `size` less than or equal to 0 is specified.
The underlying memory for `Buffer` instances created in this way is *not
initialized*. The contents of the newly created `Buffer` are unknown and
*may contain sensitive data*. Use [`buf.fill(0)`][] to initialize such
`Buffer` instances to zeroes.
When using `Buffer.allocUnsafe()` to allocate new `Buffer` instances,
allocations under 4KB are, by default, sliced from a single pre-allocated
`Buffer`. This allows applications to avoid the garbage collection overhead of
creating many individually allocated Buffers. This approach improves both
performance and memory usage by eliminating the need to track and cleanup as
many `Persistent` objects.
However, in the case where a developer may need to retain a small chunk of
memory from a pool for an indeterminate amount of time, it may be appropriate
to create an un-pooled Buffer instance using `Buffer.allocUnsafeSlow()` then
copy out the relevant bits.
```js
// need to keep around a few small chunks of memory
const store = [];
socket.on('readable', () => {
const data = socket.read();
// allocate for retained data
const sb = Buffer.allocUnsafeSlow(10);
// copy the data into the new allocation
data.copy(sb, 0, 0, 10);
store.push(sb);
});
```
Use of `Buffer.allocUnsafeSlow()` should be used only as a last resort *after*
a developer has observed undue memory retention in their applications.
A `TypeError` will be thrown if `size` is not a number.
### All the Rest
The rest of the `Buffer` API is exactly the same as in node.js.
[See the docs](https://nodejs.org/api/buffer.html).
## Related links
- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660)
- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4)
## Why is `Buffer` unsafe?
Today, the node.js `Buffer` constructor is overloaded to handle many different argument
types like `String`, `Array`, `Object`, `TypedArrayView` (`Uint8Array`, etc.),
`ArrayBuffer`, and also `Number`.
The API is optimized for convenience: you can throw any type at it, and it will try to do
what you want.
Because the Buffer constructor is so powerful, you often see code like this:
```js
// Convert UTF-8 strings to hex
function toHex (str) {
return new Buffer(str).toString('hex')
}
```
***But what happens if `toHex` is called with a `Number` argument?***
### Remote Memory Disclosure
If an attacker can make your program call the `Buffer` constructor with a `Number`
argument, then they can make it allocate uninitialized memory from the node.js process.
This could potentially disclose TLS private keys, user data, or database passwords.
When the `Buffer` constructor is passed a `Number` argument, it returns an
**UNINITIALIZED** block of memory of the specified `size`. When you create a `Buffer` like
this, you **MUST** overwrite the contents before returning it to the user.
From the [node.js docs](https://nodejs.org/api/buffer.html#buffer_new_buffer_size):
> `new Buffer(size)`
>
> - `size` Number
>
> The underlying memory for `Buffer` instances created in this way is not initialized.
> **The contents of a newly created `Buffer` are unknown and could contain sensitive
> data.** Use `buf.fill(0)` to initialize a Buffer to zeroes.
(Emphasis our own.)
Whenever the programmer intended to create an uninitialized `Buffer` you often see code
like this:
```js
var buf = new Buffer(16)
// Immediately overwrite the uninitialized buffer with data from another buffer
for (var i = 0; i < buf.length; i++) {
buf[i] = otherBuf[i]
}
```
### Would this ever be a problem in real code?
Yes. It's surprisingly common to forget to check the type of your variables in a
dynamically-typed language like JavaScript.
Usually the consequences of assuming the wrong type is that your program crashes with an
uncaught exception. But the failure mode for forgetting to check the type of arguments to
the `Buffer` constructor is more catastrophic.
Here's an example of a vulnerable service that takes a JSON payload and converts it to
hex:
```js
// Take a JSON payload {str: "some string"} and convert it to hex
var server = http.createServer(function (req, res) {
var data = ''
req.setEncoding('utf8')
req.on('data', function (chunk) {
data += chunk
})
req.on('end', function () {
var body = JSON.parse(data)
res.end(new Buffer(body.str).toString('hex'))
})
})
server.listen(8080)
```
In this example, an http client just has to send:
```json
{
"str": 1000
}
```
and it will get back 1,000 bytes of uninitialized memory from the server.
This is a very serious bug. It's similar in severity to the
[the Heartbleed bug](http://heartbleed.com/) that allowed disclosure of OpenSSL process
memory by remote attackers.
### Which real-world packages were vulnerable?
#### [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht)
[Mathias Buus](https://github.com/mafintosh) and I
([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages,
[`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow
anyone on the internet to send a series of messages to a user of `bittorrent-dht` and get
them to reveal 20 bytes at a time of uninitialized memory from the node.js process.
Here's
[the commit](https://github.com/feross/bittorrent-dht/commit/6c7da04025d5633699800a99ec3fbadf70ad35b8)
that fixed it. We released a new fixed version, created a
[Node Security Project disclosure](https://nodesecurity.io/advisories/68), and deprecated all
vulnerable versions on npm so users will get a warning to upgrade to a newer version.
#### [`ws`](https://www.npmjs.com/package/ws)
That got us wondering if there were other vulnerable packages. Sure enough, within a short
period of time, we found the same issue in [`ws`](https://www.npmjs.com/package/ws), the
most popular WebSocket implementation in node.js.
If certain APIs were called with `Number` parameters instead of `String` or `Buffer` as
expected, then uninitialized server memory would be disclosed to the remote peer.
These were the vulnerable methods:
```js
socket.send(number)
socket.ping(number)
socket.pong(number)
```
Here's a vulnerable socket server with some echo functionality:
```js
server.on('connection', function (socket) {
socket.on('message', function (message) {
message = JSON.parse(message)
if (message.type === 'echo') {
socket.send(message.data) // send back the user's message
}
})
})
```
`socket.send(number)` called on the server, will disclose server memory.
Here's [the release](https://github.com/websockets/ws/releases/tag/1.0.1) where the issue
was fixed, with a more detailed explanation. Props to
[Arnout Kazemier](https://github.com/3rd-Eden) for the quick fix. Here's the
[Node Security Project disclosure](https://nodesecurity.io/advisories/67).
### What's the solution?
It's important that node.js offers a fast way to get memory otherwise performance-critical
applications would needlessly get a lot slower.
But we need a better way to *signal our intent* as programmers. **When we want
uninitialized memory, we should request it explicitly.**
Sensitive functionality should not be packed into a developer-friendly API that loosely
accepts many different types. This type of API encourages the lazy practice of passing
variables in without checking the type very carefully.
#### A new API: `Buffer.allocUnsafe(number)`
The functionality of creating buffers with uninitialized memory should be part of another
API. We propose `Buffer.allocUnsafe(number)`. This way, it's not part of an API that
frequently gets user input of all sorts of different types passed into it.
```js
var buf = Buffer.allocUnsafe(16) // careful, uninitialized memory!
// Immediately overwrite the uninitialized buffer with data from another buffer
for (var i = 0; i < buf.length; i++) {
buf[i] = otherBuf[i]
}
```
### How do we fix node.js core?
We sent [a PR to node.js core](https://github.com/nodejs/node/pull/4514) (merged as
`semver-major`) which defends against one case:
```js
var str = 16
new Buffer(str, 'utf8')
```
In this situation, it's implied that the programmer intended the first argument to be a
string, since they passed an encoding as a second argument. Today, node.js will allocate
uninitialized memory in the case of `new Buffer(number, encoding)`, which is probably not
what the programmer intended.
But this is only a partial solution, since if the programmer does `new Buffer(variable)`
(without an `encoding` parameter) there's no way to know what they intended. If `variable`
is sometimes a number, then uninitialized memory will sometimes be returned.
### What's the real long-term fix?
We could deprecate and remove `new Buffer(number)` and use `Buffer.allocUnsafe(number)` when
we need uninitialized memory. But that would break 1000s of packages.
~~We believe the best solution is to:~~
~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~
~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.allocUnsafe(number)`~~
#### Update
We now support adding three new APIs:
- `Buffer.from(value)` - convert from any type to a buffer
- `Buffer.alloc(size)` - create a zero-filled buffer
- `Buffer.allocUnsafe(size)` - create an uninitialized buffer with given size
This solves the core problem that affected `ws` and `bittorrent-dht` which is
`Buffer(variable)` getting tricked into taking a number argument.
This way, existing code continues working and the impact on the npm ecosystem will be
minimal. Over time, npm maintainers can migrate performance-critical code to use
`Buffer.allocUnsafe(number)` instead of `new Buffer(number)`.
### Conclusion
We think there's a serious design issue with the `Buffer` API as it exists today. It
promotes insecure software by putting high-risk functionality into a convenient API
with friendly "developer ergonomics".
This wasn't merely a theoretical exercise because we found the issue in some of the
most popular npm packages.
Fortunately, there's an easy fix that can be applied today. Use `safe-buffer` in place of
`buffer`.
```js
var Buffer = require('safe-buffer').Buffer
```
Eventually, we hope that node.js core can switch to this new, safer behavior. We believe
the impact on the ecosystem would be minimal since it's not a breaking change.
Well-maintained, popular packages would be updated to use `Buffer.alloc` quickly, while
older, insecure packages would magically become safe from this attack vector.
## links
- [Node.js PR: buffer: throw if both length and enc are passed](https://github.com/nodejs/node/pull/4514)
- [Node Security Project disclosure for `ws`](https://nodesecurity.io/advisories/67)
- [Node Security Project disclosure for`bittorrent-dht`](https://nodesecurity.io/advisories/68)
## credit
The original issues in `bittorrent-dht`
([disclosure](https://nodesecurity.io/advisories/68)) and
`ws` ([disclosure](https://nodesecurity.io/advisories/67)) were discovered by
[Mathias Buus](https://github.com/mafintosh) and
[Feross Aboukhadijeh](http://feross.org/).
Thanks to [Adam Baldwin](https://github.com/evilpacket) for helping disclose these issues
and for his work running the [Node Security Project](https://nodesecurity.io/).
Thanks to [John Hiesey](https://github.com/jhiesey) for proofreading this README and
auditing the code.
## license
MIT. Copyright (C) [Feross Aboukhadijeh](http://feross.org)

187
node_modules/websocket-driver/node_modules/safe-buffer/index.d.ts generated vendored Normal file
View File

@@ -0,0 +1,187 @@
declare module "safe-buffer" {
export class Buffer {
length: number
write(string: string, offset?: number, length?: number, encoding?: string): number;
toString(encoding?: string, start?: number, end?: number): string;
toJSON(): { type: 'Buffer', data: any[] };
equals(otherBuffer: Buffer): boolean;
compare(otherBuffer: Buffer, targetStart?: number, targetEnd?: number, sourceStart?: number, sourceEnd?: number): number;
copy(targetBuffer: Buffer, targetStart?: number, sourceStart?: number, sourceEnd?: number): number;
slice(start?: number, end?: number): Buffer;
writeUIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number;
writeUIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number;
writeIntLE(value: number, offset: number, byteLength: number, noAssert?: boolean): number;
writeIntBE(value: number, offset: number, byteLength: number, noAssert?: boolean): number;
readUIntLE(offset: number, byteLength: number, noAssert?: boolean): number;
readUIntBE(offset: number, byteLength: number, noAssert?: boolean): number;
readIntLE(offset: number, byteLength: number, noAssert?: boolean): number;
readIntBE(offset: number, byteLength: number, noAssert?: boolean): number;
readUInt8(offset: number, noAssert?: boolean): number;
readUInt16LE(offset: number, noAssert?: boolean): number;
readUInt16BE(offset: number, noAssert?: boolean): number;
readUInt32LE(offset: number, noAssert?: boolean): number;
readUInt32BE(offset: number, noAssert?: boolean): number;
readInt8(offset: number, noAssert?: boolean): number;
readInt16LE(offset: number, noAssert?: boolean): number;
readInt16BE(offset: number, noAssert?: boolean): number;
readInt32LE(offset: number, noAssert?: boolean): number;
readInt32BE(offset: number, noAssert?: boolean): number;
readFloatLE(offset: number, noAssert?: boolean): number;
readFloatBE(offset: number, noAssert?: boolean): number;
readDoubleLE(offset: number, noAssert?: boolean): number;
readDoubleBE(offset: number, noAssert?: boolean): number;
swap16(): Buffer;
swap32(): Buffer;
swap64(): Buffer;
writeUInt8(value: number, offset: number, noAssert?: boolean): number;
writeUInt16LE(value: number, offset: number, noAssert?: boolean): number;
writeUInt16BE(value: number, offset: number, noAssert?: boolean): number;
writeUInt32LE(value: number, offset: number, noAssert?: boolean): number;
writeUInt32BE(value: number, offset: number, noAssert?: boolean): number;
writeInt8(value: number, offset: number, noAssert?: boolean): number;
writeInt16LE(value: number, offset: number, noAssert?: boolean): number;
writeInt16BE(value: number, offset: number, noAssert?: boolean): number;
writeInt32LE(value: number, offset: number, noAssert?: boolean): number;
writeInt32BE(value: number, offset: number, noAssert?: boolean): number;
writeFloatLE(value: number, offset: number, noAssert?: boolean): number;
writeFloatBE(value: number, offset: number, noAssert?: boolean): number;
writeDoubleLE(value: number, offset: number, noAssert?: boolean): number;
writeDoubleBE(value: number, offset: number, noAssert?: boolean): number;
fill(value: any, offset?: number, end?: number): this;
indexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number;
lastIndexOf(value: string | number | Buffer, byteOffset?: number, encoding?: string): number;
includes(value: string | number | Buffer, byteOffset?: number, encoding?: string): boolean;
/**
* Allocates a new buffer containing the given {str}.
*
* @param str String to store in buffer.
* @param encoding encoding to use, optional. Default is 'utf8'
*/
constructor (str: string, encoding?: string);
/**
* Allocates a new buffer of {size} octets.
*
* @param size count of octets to allocate.
*/
constructor (size: number);
/**
* Allocates a new buffer containing the given {array} of octets.
*
* @param array The octets to store.
*/
constructor (array: Uint8Array);
/**
* Produces a Buffer backed by the same allocated memory as
* the given {ArrayBuffer}.
*
*
* @param arrayBuffer The ArrayBuffer with which to share memory.
*/
constructor (arrayBuffer: ArrayBuffer);
/**
* Allocates a new buffer containing the given {array} of octets.
*
* @param array The octets to store.
*/
constructor (array: any[]);
/**
* Copies the passed {buffer} data onto a new {Buffer} instance.
*
* @param buffer The buffer to copy.
*/
constructor (buffer: Buffer);
prototype: Buffer;
/**
* Allocates a new Buffer using an {array} of octets.
*
* @param array
*/
static from(array: any[]): Buffer;
/**
* When passed a reference to the .buffer property of a TypedArray instance,
* the newly created Buffer will share the same allocated memory as the TypedArray.
* The optional {byteOffset} and {length} arguments specify a memory range
* within the {arrayBuffer} that will be shared by the Buffer.
*
* @param arrayBuffer The .buffer property of a TypedArray or a new ArrayBuffer()
* @param byteOffset
* @param length
*/
static from(arrayBuffer: ArrayBuffer, byteOffset?: number, length?: number): Buffer;
/**
* Copies the passed {buffer} data onto a new Buffer instance.
*
* @param buffer
*/
static from(buffer: Buffer): Buffer;
/**
* Creates a new Buffer containing the given JavaScript string {str}.
* If provided, the {encoding} parameter identifies the character encoding.
* If not provided, {encoding} defaults to 'utf8'.
*
* @param str
*/
static from(str: string, encoding?: string): Buffer;
/**
* Returns true if {obj} is a Buffer
*
* @param obj object to test.
*/
static isBuffer(obj: any): obj is Buffer;
/**
* Returns true if {encoding} is a valid encoding argument.
* Valid string encodings in Node 0.12: 'ascii'|'utf8'|'utf16le'|'ucs2'(alias of 'utf16le')|'base64'|'binary'(deprecated)|'hex'
*
* @param encoding string to test.
*/
static isEncoding(encoding: string): boolean;
/**
* Gives the actual byte length of a string. encoding defaults to 'utf8'.
* This is not the same as String.prototype.length since that returns the number of characters in a string.
*
* @param string string to test.
* @param encoding encoding used to evaluate (defaults to 'utf8')
*/
static byteLength(string: string, encoding?: string): number;
/**
* Returns a buffer which is the result of concatenating all the buffers in the list together.
*
* If the list has no items, or if the totalLength is 0, then it returns a zero-length buffer.
* If the list has exactly one item, then the first item of the list is returned.
* If the list has more than one item, then a new Buffer is created.
*
* @param list An array of Buffer objects to concatenate
* @param totalLength Total length of the buffers when concatenated.
* If totalLength is not provided, it is read from the buffers in the list. However, this adds an additional loop to the function, so it is faster to provide the length explicitly.
*/
static concat(list: Buffer[], totalLength?: number): Buffer;
/**
* The same as buf1.compare(buf2).
*/
static compare(buf1: Buffer, buf2: Buffer): number;
/**
* Allocates a new buffer of {size} octets.
*
* @param size count of octets to allocate.
* @param fill if specified, buffer will be initialized by calling buf.fill(fill).
* If parameter is omitted, buffer will be filled with zeros.
* @param encoding encoding used for call to buf.fill while initalizing
*/
static alloc(size: number, fill?: string | Buffer | number, encoding?: string): Buffer;
/**
* Allocates a new buffer of {size} octets, leaving memory not initialized, so the contents
* of the newly created Buffer are unknown and may contain sensitive data.
*
* @param size count of octets to allocate
*/
static allocUnsafe(size: number): Buffer;
/**
* Allocates a new non-pooled buffer of {size} octets, leaving memory not initialized, so the contents
* of the newly created Buffer are unknown and may contain sensitive data.
*
* @param size count of octets to allocate
*/
static allocUnsafeSlow(size: number): Buffer;
}
}

65
node_modules/websocket-driver/node_modules/safe-buffer/index.js generated vendored Normal file
View File

@@ -0,0 +1,65 @@
/*! safe-buffer. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */
/* eslint-disable node/no-deprecated-api */
var buffer = require('buffer')
var Buffer = buffer.Buffer
// alternative to using Object.keys for old browsers
function copyProps (src, dst) {
for (var key in src) {
dst[key] = src[key]
}
}
if (Buffer.from && Buffer.alloc && Buffer.allocUnsafe && Buffer.allocUnsafeSlow) {
module.exports = buffer
} else {
// Copy properties from require('buffer')
copyProps(buffer, exports)
exports.Buffer = SafeBuffer
}
function SafeBuffer (arg, encodingOrOffset, length) {
return Buffer(arg, encodingOrOffset, length)
}
SafeBuffer.prototype = Object.create(Buffer.prototype)
// Copy static methods from Buffer
copyProps(Buffer, SafeBuffer)
SafeBuffer.from = function (arg, encodingOrOffset, length) {
if (typeof arg === 'number') {
throw new TypeError('Argument must not be a number')
}
return Buffer(arg, encodingOrOffset, length)
}
SafeBuffer.alloc = function (size, fill, encoding) {
if (typeof size !== 'number') {
throw new TypeError('Argument must be a number')
}
var buf = Buffer(size)
if (fill !== undefined) {
if (typeof encoding === 'string') {
buf.fill(fill, encoding)
} else {
buf.fill(fill)
}
} else {
buf.fill(0)
}
return buf
}
SafeBuffer.allocUnsafe = function (size) {
if (typeof size !== 'number') {
throw new TypeError('Argument must be a number')
}
return Buffer(size)
}
SafeBuffer.allocUnsafeSlow = function (size) {
if (typeof size !== 'number') {
throw new TypeError('Argument must be a number')
}
return buffer.SlowBuffer(size)
}

51
node_modules/websocket-driver/node_modules/safe-buffer/package.json generated vendored Normal file
View File

@@ -0,0 +1,51 @@
{
"name": "safe-buffer",
"description": "Safer Node.js Buffer API",
"version": "5.2.1",
"author": {
"name": "Feross Aboukhadijeh",
"email": "feross@feross.org",
"url": "https://feross.org"
},
"bugs": {
"url": "https://github.com/feross/safe-buffer/issues"
},
"devDependencies": {
"standard": "*",
"tape": "^5.0.0"
},
"homepage": "https://github.com/feross/safe-buffer",
"keywords": [
"buffer",
"buffer allocate",
"node security",
"safe",
"safe-buffer",
"security",
"uninitialized"
],
"license": "MIT",
"main": "index.js",
"types": "index.d.ts",
"repository": {
"type": "git",
"url": "git://github.com/feross/safe-buffer.git"
},
"scripts": {
"test": "standard && tape test/*.js"
},
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/feross"
},
{
"type": "patreon",
"url": "https://www.patreon.com/feross"
},
{
"type": "consulting",
"url": "https://feross.org/support"
}
]
}

35
node_modules/websocket-driver/package.json generated vendored Normal file
View File

@@ -0,0 +1,35 @@
{
"name": "websocket-driver",
"description": "WebSocket protocol handler with pluggable I/O",
"homepage": "https://github.com/faye/websocket-driver-node",
"author": "James Coglan <jcoglan@gmail.com> (http://jcoglan.com/)",
"keywords": [
"websocket"
],
"license": "Apache-2.0",
"version": "0.7.4",
"engines": {
"node": ">=0.8.0"
},
"files": [
"lib"
],
"main": "./lib/websocket/driver",
"dependencies": {
"http-parser-js": ">=0.5.1",
"safe-buffer": ">=5.1.0",
"websocket-extensions": ">=0.1.1"
},
"devDependencies": {
"jstest": "*",
"permessage-deflate": "*"
},
"scripts": {
"test": "jstest spec/runner.js"
},
"repository": {
"type": "git",
"url": "git://github.com/faye/websocket-driver-node.git"
},
"bugs": "https://github.com/faye/websocket-driver-node/issues"
}