When sending a packet with a close opcode (0x8). One would expect the server to terminate the socket and all sessions created through it.
Currently this is not the case and this can be tested by doing the following:
- Open websocket (handshake etc..)
- Send a message with a session UUID (that we'll call x) and a script : cal = 5+5
- Send a 'close' request and terminate the socket.
- Open another websocket connection
- Send a message with a session UUID of x and a script : cal
This last event should generate an error (cal shouldn't be defined). Instead it continues by sending back 10 as if the session were still alive.
If there is no tracking of the sessions opened through a specific socket connection, then perhaps we can join the following payload to the 'close' packet:
The server will know to terminate session x at this stage.