MessageWebSocket.ServerCustomValidationRequested Event

Definition

Occurs when a new MessageWebSocket connection to a secured server URI (wss: protocol) is being validated. Handle this event if you want to implement custom server validation for the connection.

// Register
event_token ServerCustomValidationRequested(TypedEventHandler<MessageWebSocket, WebSocketServerCustomValidationRequestedEventArgs const&> const& handler) const;

// Revoke with event_token
void ServerCustomValidationRequested(event_token const* cookie) const;

// Revoke with event_revoker
MessageWebSocket::ServerCustomValidationRequested_revoker ServerCustomValidationRequested(auto_revoke_t, TypedEventHandler<MessageWebSocket, WebSocketServerCustomValidationRequestedEventArgs const&> const& handler) const;
public event TypedEventHandler<MessageWebSocket,WebSocketServerCustomValidationRequestedEventArgs> ServerCustomValidationRequested;
function onServerCustomValidationRequested(eventArgs) { /* Your code */ }
messageWebSocket.addEventListener("servercustomvalidationrequested", onServerCustomValidationRequested);
messageWebSocket.removeEventListener("servercustomvalidationrequested", onServerCustomValidationRequested);
- or -
messageWebSocket.onservercustomvalidationrequested = onServerCustomValidationRequested;
Public Custom Event ServerCustomValidationRequested As TypedEventHandler(Of MessageWebSocket, WebSocketServerCustomValidationRequestedEventArgs) 

Event Type

Windows requirements

Device family
Windows 10 Anniversary Edition (introduced in 10.0.14393.0)
API contract
Windows.Foundation.UniversalApiContract (introduced in v3.0)

Remarks

Note that this event is raised after the default OS validation has been performed successfully, and that the default OS validation includes taking the IgnorableServerCertificateErrors control option into account.

Use the WebSocketServerCustomValidationRequestedEventArgs properties to access the server certificate and intermediate certificates being offered for validation.

In order to ensure proper completion, if your custom validation process involves any async operations, be sure to use the WebSocketServerCustomValidationRequestedEventArgs.GetDeferral method to get a deferral object that your event handler holds for the duration of the validation operation. When your validation is complete, you must call Deferral.Complete whether you accept or reject validation.

As an example of the kind of validation you can do in this event handler: you could compare the server certificate to a locally stored trusted certificate that matches the expected server certificate. In your event handler, you would compare the SHA-256 hash of the local certificate to the hash of the server certificate. If the hash values match, then the certificates are assumed to match, and server validation should succeed. If the hash values don't match, then the certificates don't match and validation should fail.

To indicate validation failure, call the WebSocketServerCustomValidationRequestedEventArgs.Reject method. To indicate validation success, simply return from the event handler.

Note that whether validation succeeds or fails, you must call Deferral.Complete on the deferral object you acquired when you started the validation process.

Applies to