From c9e72424b2abfbdc13e97555f4a6a837510ef3e8 Mon Sep 17 00:00:00 2001
From: Brian Quinlan <bquinlan@google.com>
Date: Fri, 5 Apr 2024 07:55:01 -0700
Subject: [PATCH 1/7] Remove support for requests not made through dart:io
 Sockets

---
 pkgs/shelf_web_socket/CHANGELOG.md            |  4 ++-
 .../lib/src/web_socket_handler.dart           | 13 +++++++--
 pkgs/shelf_web_socket/pubspec.yaml            |  4 +--
 .../test/web_socket_test.dart                 | 28 +++++++++++++++++++
 4 files changed, 44 insertions(+), 5 deletions(-)

diff --git a/pkgs/shelf_web_socket/CHANGELOG.md b/pkgs/shelf_web_socket/CHANGELOG.md
index d3596cef..52a81d89 100644
--- a/pkgs/shelf_web_socket/CHANGELOG.md
+++ b/pkgs/shelf_web_socket/CHANGELOG.md
@@ -1,6 +1,8 @@
-## 1.0.5-wip
+## 1.9.9-wip
 
 * Require Dart `^3.0.0`.
+* **BREAKING:**: Remove support for hijacking WebSocket requests that are not
+  being transported using `dart:io` `Socket`s.
 
 ## 1.0.4
 
diff --git a/pkgs/shelf_web_socket/lib/src/web_socket_handler.dart b/pkgs/shelf_web_socket/lib/src/web_socket_handler.dart
index 17287655..a41ed697 100644
--- a/pkgs/shelf_web_socket/lib/src/web_socket_handler.dart
+++ b/pkgs/shelf_web_socket/lib/src/web_socket_handler.dart
@@ -3,8 +3,10 @@
 // BSD-style license that can be found in the LICENSE file.
 
 import 'dart:convert';
+import 'dart:io';
 
 import 'package:shelf/shelf.dart';
+import 'package:web_socket_channel/io.dart';
 import 'package:web_socket_channel/web_socket_channel.dart';
 
 /// A class that exposes a handler for upgrading WebSocket requests.
@@ -78,9 +80,16 @@ class WebSocketHandler {
       if (protocol != null) sink.add('Sec-WebSocket-Protocol: $protocol\r\n');
       sink.add('\r\n');
 
+      if (channel.sink is! Socket) {
+        throw ArgumentError('channel.sink must be a dart:io `Socket`.');
+      }
+
+      final webSocket = WebSocket.fromUpgradedSocket(channel.sink as Socket,
+          protocol: protocol, serverSide: true)
+        ..pingInterval = _pingInterval;
+
       // ignore: avoid_dynamic_calls
-      _onConnection(
-          WebSocketChannel(channel, pingInterval: _pingInterval), protocol);
+      _onConnection(IOWebSocketChannel(webSocket), protocol);
     });
   }
 
diff --git a/pkgs/shelf_web_socket/pubspec.yaml b/pkgs/shelf_web_socket/pubspec.yaml
index 9c3fd945..12a36f97 100644
--- a/pkgs/shelf_web_socket/pubspec.yaml
+++ b/pkgs/shelf_web_socket/pubspec.yaml
@@ -1,5 +1,5 @@
 name: shelf_web_socket
-version: 1.0.5-wip
+version: 1.9.9-wip  # DO NOT SUBMIT! Should be 2.0.0.
 description: >
   A shelf handler that wires up a listener for every connection.
 repository: https://github.com/dart-lang/shelf/tree/master/pkgs/shelf_web_socket
@@ -14,7 +14,7 @@ environment:
 dependencies:
   shelf: ^1.1.0
   stream_channel: ^2.1.0
-  web_socket_channel: ^2.0.0
+  web_socket_channel: '>=2.0.0 <=4.0.0'
 
 dev_dependencies:
   dart_flutter_team_lints: ^2.0.0
diff --git a/pkgs/shelf_web_socket/test/web_socket_test.dart b/pkgs/shelf_web_socket/test/web_socket_test.dart
index b5195923..eb8e00bb 100644
--- a/pkgs/shelf_web_socket/test/web_socket_test.dart
+++ b/pkgs/shelf_web_socket/test/web_socket_test.dart
@@ -5,8 +5,10 @@
 import 'dart:io';
 
 import 'package:http/http.dart' as http;
+import 'package:shelf/shelf.dart';
 import 'package:shelf/shelf_io.dart' as shelf_io;
 import 'package:shelf_web_socket/shelf_web_socket.dart';
+import 'package:stream_channel/stream_channel.dart';
 import 'package:test/test.dart';
 import 'package:web_socket_channel/web_socket_channel.dart';
 
@@ -103,6 +105,32 @@ void main() {
     }
   });
 
+  test('cannot hijack non-Socket StreamChannel', () async {
+    final handler =
+        webSocketHandler((WebSocketChannel webSocket, String? protocol) {
+      expect(protocol, isNull);
+      webSocket.sink.close();
+    });
+
+    expect(
+        () => handler(Request('GET', Uri.parse('ws://example.com/'),
+                protocolVersion: '1.1',
+                headers: {
+                  'Host': 'example.com',
+                  'Upgrade': 'websocket',
+                  'Connection': 'Upgrade',
+                  'Sec-WebSocket-Key': 'x3JJHMbDL1EzLkh9GBhXDw==',
+                  'Sec-WebSocket-Version': '13',
+                  'Origin': 'http://example.com',
+                }, onHijack: (fn) {
+              // `.foreign` is not a Socket so hijacking the request should
+              // fail.
+              expect(() => fn(StreamChannelController<List<int>>().foreign),
+                  throwsArgumentError);
+            })),
+        throwsA(isA<HijackException>()));
+  });
+
   group('with a set of allowed origins', () {
     late HttpServer server;
     late Uri url;

From 5073c9a2bb32213ae2daa5850d9ebab823eebfa7 Mon Sep 17 00:00:00 2001
From: Brian Quinlan <bquinlan@google.com>
Date: Fri, 5 Apr 2024 09:12:59 -0700
Subject: [PATCH 2/7] Update pubspec.yaml

---
 pkgs/shelf_web_socket/pubspec.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkgs/shelf_web_socket/pubspec.yaml b/pkgs/shelf_web_socket/pubspec.yaml
index 12a36f97..b11bb27b 100644
--- a/pkgs/shelf_web_socket/pubspec.yaml
+++ b/pkgs/shelf_web_socket/pubspec.yaml
@@ -1,5 +1,5 @@
 name: shelf_web_socket
-version: 1.9.9-wip  # DO NOT SUBMIT! Should be 2.0.0.
+version: 1.9.9-wip  # DO NOT SUBMIT! Should be 2.0.0-wip.
 description: >
   A shelf handler that wires up a listener for every connection.
 repository: https://github.com/dart-lang/shelf/tree/master/pkgs/shelf_web_socket

From 5d2da6825a35ac42b6222feb85e9a5d65e0fb47c Mon Sep 17 00:00:00 2001
From: Brian Quinlan <bquinlan@google.com>
Date: Fri, 5 Apr 2024 10:01:52 -0700
Subject: [PATCH 3/7] Update pubspec.yaml

---
 pkgs/shelf_web_socket/pubspec.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkgs/shelf_web_socket/pubspec.yaml b/pkgs/shelf_web_socket/pubspec.yaml
index b11bb27b..96405c83 100644
--- a/pkgs/shelf_web_socket/pubspec.yaml
+++ b/pkgs/shelf_web_socket/pubspec.yaml
@@ -14,7 +14,7 @@ environment:
 dependencies:
   shelf: ^1.1.0
   stream_channel: ^2.1.0
-  web_socket_channel: '>=2.0.0 <=4.0.0'
+  web_socket_channel: '>=2.0.0 <4.0.0'
 
 dev_dependencies:
   dart_flutter_team_lints: ^2.0.0

From 965548f0933d3470f5e4c55bf7ea24b3ece19b69 Mon Sep 17 00:00:00 2001
From: Brian Quinlan <bquinlan@google.com>
Date: Fri, 5 Apr 2024 10:35:01 -0700
Subject: [PATCH 4/7] Update version

---
 pkgs/shelf_web_socket/CHANGELOG.md | 2 +-
 pkgs/shelf_web_socket/pubspec.yaml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/shelf_web_socket/CHANGELOG.md b/pkgs/shelf_web_socket/CHANGELOG.md
index 52a81d89..5984e065 100644
--- a/pkgs/shelf_web_socket/CHANGELOG.md
+++ b/pkgs/shelf_web_socket/CHANGELOG.md
@@ -1,4 +1,4 @@
-## 1.9.9-wip
+## 2.0.0-wip
 
 * Require Dart `^3.0.0`.
 * **BREAKING:**: Remove support for hijacking WebSocket requests that are not
diff --git a/pkgs/shelf_web_socket/pubspec.yaml b/pkgs/shelf_web_socket/pubspec.yaml
index 96405c83..d6b73253 100644
--- a/pkgs/shelf_web_socket/pubspec.yaml
+++ b/pkgs/shelf_web_socket/pubspec.yaml
@@ -1,5 +1,5 @@
 name: shelf_web_socket
-version: 1.9.9-wip  # DO NOT SUBMIT! Should be 2.0.0-wip.
+version: 2.0.0-wip
 description: >
   A shelf handler that wires up a listener for every connection.
 repository: https://github.com/dart-lang/shelf/tree/master/pkgs/shelf_web_socket

From 8da1f3b6863d31bcd985774d5daac5a5353537f0 Mon Sep 17 00:00:00 2001
From: Brian Quinlan <bquinlan@google.com>
Date: Fri, 5 Apr 2024 11:21:06 -0700
Subject: [PATCH 5/7] Update pubspec.yaml

---
 pkgs/shelf_web_socket/pubspec.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/pkgs/shelf_web_socket/pubspec.yaml b/pkgs/shelf_web_socket/pubspec.yaml
index d6b73253..3f20d9aa 100644
--- a/pkgs/shelf_web_socket/pubspec.yaml
+++ b/pkgs/shelf_web_socket/pubspec.yaml
@@ -20,3 +20,6 @@ dev_dependencies:
   dart_flutter_team_lints: ^2.0.0
   http: '>=0.13.0 <2.0.0'
   test: ^1.16.0
+
+dependency_overrides:
+  test: 1.25.2

From 4e90087839a50bd5e99f4b18dcc10114a98b56c0 Mon Sep 17 00:00:00 2001
From: Brian Quinlan <bquinlan@google.com>
Date: Fri, 5 Apr 2024 11:21:57 -0700
Subject: [PATCH 6/7] Update pubspec.yaml

---
 pkgs/shelf_web_socket/pubspec.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pkgs/shelf_web_socket/pubspec.yaml b/pkgs/shelf_web_socket/pubspec.yaml
index 3f20d9aa..d07b4136 100644
--- a/pkgs/shelf_web_socket/pubspec.yaml
+++ b/pkgs/shelf_web_socket/pubspec.yaml
@@ -21,5 +21,7 @@ dev_dependencies:
   http: '>=0.13.0 <2.0.0'
   test: ^1.16.0
 
+# Remove this when a version of `package:test` is released that is compatible
+# with self_web_socket 2.x
 dependency_overrides:
   test: 1.25.2

From b18999b90c298451c8b20057571a73a274d2bfe0 Mon Sep 17 00:00:00 2001
From: Brian Quinlan <bquinlan@google.com>
Date: Fri, 5 Apr 2024 11:24:01 -0700
Subject: [PATCH 7/7] Update pubspec.yaml

---
 pkgs/shelf_web_socket/pubspec.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkgs/shelf_web_socket/pubspec.yaml b/pkgs/shelf_web_socket/pubspec.yaml
index d07b4136..2a8f846b 100644
--- a/pkgs/shelf_web_socket/pubspec.yaml
+++ b/pkgs/shelf_web_socket/pubspec.yaml
@@ -14,7 +14,7 @@ environment:
 dependencies:
   shelf: ^1.1.0
   stream_channel: ^2.1.0
-  web_socket_channel: '>=2.0.0 <4.0.0'
+  web_socket_channel: ^2.0.0
 
 dev_dependencies:
   dart_flutter_team_lints: ^2.0.0