RFC 6455, "The WebSocket Protocol", December 2011Source of RFC: hybi (app)
Errata ID: 3150
Publication Format(s) : TEXT
Reported By: Robert Munyer
Date Reported: 2012-03-07
Verifier Name: Peter Saint-Andre
Date Verified: 2012-03-22
Section 4.1 says:
It should say:
The "test vector" for Sec-WebSocket-Key encoding, provided in RFC 6455 section 4.1, is wrong. It was processed by a base 64 encoder that was "improperly implemented" as mentioned in RFC 4648 section 3.5. Pad bits were not set to zero, which is a "MUST" requirement in RFC 4648, and was also required by many other RFCs, going back to RFC 989 in the 1980s. In the string "AQIDBAUGBwgJCgsMDQ4PEC==", the final C should be changed to A.
In a Sec-WebSocket-Key header sent by a properly implemented client, the last letter will always be A, Q, g or w.