From 9f877cd34b3e0f4a398b3f0cde8cc677bc7a14a6 Mon Sep 17 00:00:00 2001
From: Ryan Dahl <ry@tinyclouds.org>
Date: Tue, 14 May 2019 17:45:52 -0400
Subject: ws: make acceptable() more robust (denoland/deno_std#404)

Original: https://github.com/denoland/deno_std/commit/9e8e6f9356f75a68a20cf04d9620621485f5d1a0
---
 ws/mod.ts  |  5 ++++-
 ws/test.ts | 16 ++++++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/ws/mod.ts b/ws/mod.ts
index 3e20e2d3b..44743a2ce 100644
--- a/ws/mod.ts
+++ b/ws/mod.ts
@@ -341,9 +341,12 @@ class WebSocketImpl implements WebSocket {
 
 /** Return whether given headers is acceptable for websocket  */
 export function acceptable(req: { headers: Headers }): boolean {
+  const upgrade = req.headers.get("upgrade");
+  if (!upgrade || upgrade.toLowerCase() !== "websocket") {
+    return false;
+  }
   const secKey = req.headers.get("sec-websocket-key");
   return (
-    req.headers.get("upgrade") === "websocket" &&
     req.headers.has("sec-websocket-key") &&
     typeof secKey === "string" &&
     secKey.length > 0
diff --git a/ws/test.ts b/ws/test.ts
index 7b0bd6949..482d6926d 100644
--- a/ws/test.ts
+++ b/ws/test.ts
@@ -146,6 +146,22 @@ test(function wsAcceptable(): void {
     })
   });
   assertEquals(ret, true);
+
+  assert(
+    acceptable({
+      headers: new Headers([
+        ["connection", "Upgrade"],
+        ["host", "127.0.0.1:9229"],
+        [
+          "sec-websocket-extensions",
+          "permessage-deflate; client_max_window_bits"
+        ],
+        ["sec-websocket-key", "dGhlIHNhbXBsZSBub25jZQ=="],
+        ["sec-websocket-version", "13"],
+        ["upgrade", "WebSocket"]
+      ])
+    })
+  );
 });
 
 const invalidHeaders = [
-- 
cgit v1.2.3