There's a number of websocket api changes I want to make, both short term and long term.
What I need to know is what is appropriate for versioning these changes in.
First the short term changes.
410175 - WebSocketSession#isSecure() doesn't return true for SSL session on the server side
The heart of this bug ...
Both the isSecure() flag is incorrect (a bug), and the URI returned from UpgradeRequest.getRequetURI() is the URI of the incoming servlet request (in other words the http/https scheme), not the ws:// format scheme.
WebSocketCreator.createWebSocket() should use servlet specific parameters
The createWebSocket() parameters are the generic API UpgradeRequest and UpgradeResponse interfaces. There has been a request to make that method be servlet specific.
This would introduce in the websocket-servlet package the ServletUpgradeRequest and ServletUpgradeResponse interfaces.
The existing implementations for this in websocket-server is will be adjusted to use this new interface.
This change will also help with the next bug
Make SSL client certificate information available to server websockets
This would expose the SSL client certificate in the new ServletUpgadeRequest interface (and implementation) for use in the WebSocketCreator.
These short term changes would affect the existing API so I don't want to make changes like this lightly, especially with the upcoming 9.0.x release and timing of the future 9.1.x branch.
For the longer term, we have many changes coming as a result of the JSR-356 (Java Websocket API) support, and that might be best put into the 9.1 release.
Any opinions on where and when to make these short term API changes?
--
Developer advice, services and support
from the Jetty & CometD experts