From 0b635de34befcf6158ee82b59e7a912725d79ddd Mon Sep 17 00:00:00 2001
From: akadusei <attakusiadusei@gmail.com>
Date: Thu, 15 Aug 2024 00:13:59 +0000
Subject: [PATCH] Fix invalid websocket challenge verification

---
 CHANGELOG.md  | 1 +
 src/lester.cr | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 49fc9e1..46410a3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Fixed
 - Add missing `require "http"`
 - Add missing `require "http/web_socket"`
+- Fix invalid websocket challenge verification
 
 ## [1.0.0] - 2023-05-29
 
diff --git a/src/lester.cr b/src/lester.cr
index d85b428..5a0ec57 100644
--- a/src/lester.cr
+++ b/src/lester.cr
@@ -183,7 +183,7 @@ class Lester
   # Adapted from `HTTP::Websocket::Protocol.new`
   private def websocket_for_unix_socket(uri, headers)
     socket.try do |socket|
-      key = Random::Secure.base64(16)
+      key = Base64.strict_encode(StaticArray(UInt8, 16).new { rand(256).to_u8 })
 
       headers["Host"] = "#{uri.host}:#{uri.port}"
       headers["Connection"] = "Upgrade"