Websocket: The browser does not appear to receive data from the python server

advertisements

I'm working on creating a websocket server via python (I'm kinda new to python) and I've made a significant progress, but I am unable to send data to the web browser. I can establish a connection and receive data from the browser, but I cannot send back data. The browser just ignores it. I would assume that if the browser received a package that didn't follow the specifications, it would terminate the connection, but the connection stays active.

Here is the method I am using to encode the data into the frame:

def encode_message(data):
    frame = "\x81"
    size = len(data)
    if size * 8 <= 125:
        frame += chr(size)
    else:
        raise Exception("Uh, oh. Strings larger than 125 bits are not supported")

    return frame + data

I am sending the data using sock.sendall(framed_data). What could be the problem? The data for a message like "yo" ends up being 10000001 00000010 01111001 01101111 (spaces added for improved readability). Why doesn't the browser accept a message like this? Doesn't it follow the guidelines outlined in the specification? I am trying to support the most recent websocket version which I believe to be version 13. I am using python version 2.7.3.

I have tried to look at python websocket libraries' source code, but all of them seem to implement a deprecated version of the websocket protocol that has been shown to have vulnerabilities.

Here is the code that calls the function above:

def send(data):
    frame = encode_message(data)
    print "Sending all..."
    sock.sendall(frame) #Socket that handles all communications with client
    print "Frame sent :)"
    return

I also downloaded wireshark to sniff the packages sent between the server and the socket. The packages sent by my server are identical to those sent from a server that is accepted by the browser. I couldn't see any difference at all. (I looked directly at the hex source)


The second byte of your transmitted message (and the length check in your code) looks wrong. The length of a message is in bytes, not bits.

From RFC6455 ยง5.2 (my emphasis)

Payload length: 7 bits, 7+16 bits, or 7+64 bits

The length of the "Payload data", in bytes: if 0-125, that is the payload length.

The reason that nothing is received in the browser is that your message claims to have a 16 byte body. The browser will read the 2 additional bytes you send then block waiting for another 14 bytes that it expects but you don't send.

If you change the second byte to the number of bytes in the message - 0x2 or 00000010 binary - then things should work.