Skip to content

Instantly share code, notes, and snippets.

@htp

htp/curl-websocket.sh

Last active May 28, 2025 02:24
Show Gist options
  • Save htp/fbce19069187ec1cc486b594104f01d0 to your computer and use it in GitHub Desktop.
Save htp/fbce19069187ec1cc486b594104f01d0 to your computer and use it in GitHub Desktop.
Download ZIP
Test a WebSocket using curl.
Raw
curl-websocket.sh
curl --include \
--no-buffer \
--header "Connection: Upgrade" \
--header "Upgrade: websocket" \
--header "Host: example.com:80" \
--header "Origin: http://example.com:80" \
--header "Sec-WebSocket-Key: SGVsbG8sIHdvcmxkIQ==" \
--header "Sec-WebSocket-Version: 13" \
http://example.com:80/
@realyukii
Copy link

realyukii commented May 27, 2025
edited
Loading

okay, changing Sec-WebSocket-key with the one provided from browser works (not sure why):

curl --include \
     --no-buffer \
     --header "Connection: Upgrade" \
     --header "Upgrade: websocket" \
     --header "Host: localhost:8080" \
     --header "Origin: http://localhost:8080" \
     --header "Sec-WebSocket-Key: 3tMWYzcHwmObiLR3nWOgsg==" \
     --header "Sec-WebSocket-Version: 13" \
     http://localhost:8080/
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: YLxhg+bEzrZXCaOyyI5QkRBIdT4=

�       something

EDIT:
after reading the wikipedia, turned out it just a random 16-byte encoded with base64, on Linux, you can generate it with:

head -c 16 /dev/urandom | base64

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment