From: Kyle Kelley <kyle.kelley@rackspace.com>
Date: Tue, 25 Feb 2014 02:32:36 +0000 (-0600)
Subject: Move origin parsing in to check_origin
X-Git-Tag: v4.0.0b1~35^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fb39ba2cdd939955bab9f354c2ac2eb5ed572ea9;p=thirdparty%2Ftornado.git

Move origin parsing in to check_origin
---

diff --git a/tornado/websocket.py b/tornado/websocket.py
index 94164de56..e9fa3d2e9 100644
--- a/tornado/websocket.py
+++ b/tornado/websocket.py
@@ -154,16 +154,6 @@ class WebSocketHandler(tornado.web.RequestHandler):
         else:
             origin = self.request.headers.get("Sec-Websocket-Origin", None)
 
-        # If we have an origin, normalize
-        if(origin):
-            # Due to how stdlib's urlparse is implemented, urls without a //
-            # are interpreted to be paths (resulting in netloc being None)
-            if("//" not in origin):
-                origin = "//" + origin
-            parsed_origin = urlparse(origin)
-            origin = parsed_origin.netloc
-            origin = origin.lower()
-
         # When origin is None, assume it didn't come from a browser and we can
         # pass it on
         if origin is None:
@@ -296,6 +286,14 @@ class WebSocketHandler(tornado.web.RequestHandler):
         browsers, since WebSockets don't have CORS headers.
         """
 
+        # Due to how stdlib's urlparse is implemented, urls without a //
+        # are interpreted to be paths (resulting in netloc being None)
+        if("//" not in origin):
+            origin = "//" + origin
+        parsed_origin = urlparse(origin)
+        origin = parsed_origin.netloc
+        origin = origin.lower()
+
         host = self.request.headers.get("Host")
 
         # Check to see that origin matches host directly, including ports