'Sec-WebSocket-Accept' header is missing in Chrome 17

allicarn picture allicarn · Feb 20, 2012 · Viewed 19.5k times · Source

Edit: I tried this phpwebsocket: http://www.wilky.it/Shared/phpwebsocket.zip and it works in Firefox, but my question still remains: how do I get websockets to work with a php server in Chrome 17?


I'm following the tutorial here: http://net.tutsplus.com/tutorials/javascript-ajax/start-using-html5-websockets-today/

It appears as though the client connects, and then immediately disconnects. I noticed this error in the console:

Error during WebSocket handshake: 'Sec-WebSocket-Accept' header is missing

I'm trying it in Chrome 17.0.963.56 on my WAMP localhost with the php_sockets extension enabled.

I saw mentioned somewhere that Chrome had changed what it supported, but it didn't go in depth on how to fix it. I was hoping someone could step me through it. (I'm brand new to websockets).

Server:

{PATH}>php startDaemon.php

2012-02-20 07:02:51 System: Socket Resource id #7 created.

2012-02-20 07:02:51 System: Socket bound to localhost:8000.

2012-02-20 07:02:51 System: Start listening on Socket.

2012-02-20 07:03:01 WebSocket: Resource id #8 CONNECTED!

2012-02-20 07:03:01 WebSocket: Requesting handshake…

2012-02-20 07:03:01 WebSocket: Handshaking…

2012-02-20 07:03:01 WebSocket: Done handshaking…

2012-02-20 07:03:01 WebSocket: Resource id #8 disconnected!

Client:

Socket Status: 0

Socket Status: 3 (Closed)

Answer

Jo Pango picture Jo Pango · Mar 17, 2012

I have the same problem (and I do not seem to be able to post a comment here, so I post a reply).

Actually, I just downloaded and tested phpwebsocket.

On safari 5.1.4, it works just fine.

On Chrome 17, I got the same error in the script log console:

Error during WebSocket handshake: 'Sec-WebSocket-Accept' header is missing

So, in websocket.class.php, I added to the header returned by server:

$accept = base64_encode(SHA1($key."258EAFA5-E914-47DA-95CA-C5AB0DC85B11"));

And I get the error:

Error during WebSocket handshake: Sec-WebSocket-Accept mismatch

Now, the header received by the server is:

GET /websocket/server.php HTTP/1.1
Upgrade: websocket
Connection: Upgrade
Host: localhost:12345
Origin: http://localhost:8888
Sec-WebSocket-Key: OqMJI0t/cOl6d6JNE+Op0g==
Sec-WebSocket-Version: 13

And the header sent back by the server is:

HTTP/1.1 101 WebSocket Protocol Handshake
Upgrade: WebSocket
Connection: Upgrade
Sec-WebSocket-Origin: http://localhost:8888
Sec-WebSocket-Location: ws://localhost:12345/websocket/server.php
Sec-WebSocket-Accept: ZjY5ODliNTViYzJlOTNkMjk4OTg3Y2U2NjQ3MTBlZjZiNzliYzk4Yg==

The Sec-WebSocket-Accept seems good, but still there is a mismatch error. Do you see a mistake somewhere? Maybe the protocol has changed to calculate the Sec-WebSocket-Accept, but I don't find it... Thanks for your help!

Edit: Here seems to be the solution (for me, at least): adding the parameter true to the SHA1 function, as found in files given in this issue thread. So, the Sec-WebSocket-Accept must be found like this:

$accept = base64_encode(SHA1($key."258EAFA5-E914-47DA-95CA-C5AB0DC85B11", true));

And, Sec-WebSocket-Key1 and Sec-WebSocket-Key2 does not seem to be present anymore in the client request, instead, $key must be extracted from the header: "Sec-WebSocket-Key".

New issue: It seems too that even if the web socket connection now works on the handshake, it disconnects when the first message is sent.