WebSockets and FireFox

Question

Hi everyone and thanks in advance,

I'm rolling my own WebSocket server in C++ (I've also quickly rolled one in C# this morning to double check what's going on here) as per RFC 6455

I've read the standard and I now have a server that will successfully form a connection with a client. I can complete the handshake, and send data from a simple test client which is recieved properly at the other end.

When testing sending data to my server with FireFox/JS, I recieve a bunch of garbled symbols at the server end. I've monitered the socket with WireShark and determined that the server is correctly recieving the data, however I'm having trouble interpreting it.

I'm trying to send the string "test" (no quotes) to my server, last attempt it appeared like this:

0x81
0x84
0x1e
0x31
0x65
0xaf
0x6a
0x54
0x16
0xdb

Most of these arn't even printable characters, and every time I click Send these values change (with the exception of 0x81 which is always the first character. NB: This is BEFORE trying to trim the 0x00 and 0xFF padding as per the spec.

In FireFoxs handshake request, it does specify Accept-Encoding as follows:

Accept-Encoding: gzip, deflate

However, I've tried to uncompress with both GZIP and DEFLATE, both throw errors. I've also tried sending Lorem Ipsum to the server, which has the same result (0x81 followed by a mash of characters)

Can anyone shed any light on this? Is this actually compressed? Why does sending the same string give a different result each time? Does FireFox timestamp outgoing data? All I want is to correctly interpret the string at the server end back into "test"

Here is the full request from FireFox:

GET / HTTP/1.1
Host: 127.0.0.1:8888
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: null
Sec-WebSocket-Key: lXen8aJPlv/0JOZBb4WAtA==
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

And here is my servers reply in full:

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: WHTW6PSJ/pWIPskBw0owBT/jacw=

This is successful and I get the OPEN even at the javascript end, then when I click a button to call send("test") I recieve the garbage shown in the first block of code above...

Answer 1

Take a look at section 5.3 of RFC 6455 (https://www.rfc-editor.org/rfc/rfc6455#section-5.3). Client to server websocket messages are masked using XOR and a key that is sent in the message header. You will need to unwrap this key and use it to decode the message. There is no compression involved.

In your specific example here, the first six bytes are the frame header. The last four bytes of the frame header are the masking key. If you XOR the four masking key bytes with your four remaining payload bytes You should get your "test" string back out.