cloudflare
diff --git a/‎src/workerd/api/tests/BUILD.bazel‎
Lines changed: 6 additions & 0 deletions b/‎src/workerd/api/tests/BUILD.bazel‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎src/workerd/api/tests/http-test.js‎
Lines changed: 2 additions & 1 deletion b/‎src/workerd/api/tests/http-test.js‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎src/workerd/api/tests/http-test.wd-test‎
Lines changed: 2 additions & 2 deletions b/‎src/workerd/api/tests/http-test.wd-test‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/workerd/api/tests/tail-worker-test.js‎
Lines changed: 1 addition & 1 deletion b/‎src/workerd/api/tests/tail-worker-test.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/workerd/api/tests/tail-worker-test.wd-test‎
Lines changed: 1 addition & 1 deletion b/‎src/workerd/api/tests/tail-worker-test.wd-test‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/workerd/api/tests/websocket-allow-half-open-test.js‎
Lines changed: 99 additions & 0 deletions b/‎src/workerd/api/tests/websocket-allow-half-open-test.js‎
Lines changed: 99 additions & 0 deletions
diff --git a/‎src/workerd/api/tests/websocket-allow-half-open-test.wd-test‎
Lines changed: 14 additions & 0 deletions b/‎src/workerd/api/tests/websocket-allow-half-open-test.wd-test‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎src/workerd/api/web-socket.c++‎
Lines changed: 38 additions & 14 deletions b/‎src/workerd/api/web-socket.c++‎
Lines changed: 38 additions & 14 deletions
diff --git a/‎src/workerd/api/web-socket.h‎
Lines changed: 31 additions & 0 deletions b/‎src/workerd/api/web-socket.h‎
Lines changed: 31 additions & 0 deletions
@@ -514,6 +514,12 @@ wd_test(
     data = ["url-test.js"],
 )
 
+wd_test(
+    src = "websocket-allow-half-open-test.wd-test",
+    args = ["--experimental"],
+    data = ["websocket-allow-half-open-test.js"],
+)
+
 wd_test(
     src = "websocket-constructor-test.wd-test",
     args = ["--experimental"],
 
@@ -224,7 +224,8 @@ export const test = {
     assert.notStrictEqual(webSocket, null);
     // The server-side WebSocketPair socket's binaryType depends on the compat flag.
     const bt = new WebSocketPair()[0].binaryType;
-    const wsStr = `WebSocket {\n    readyState: 1,\n    url: null,\n    protocol: '',\n    extensions: '',\n    binaryType: '${bt}'\n  }`;
+    const aho = new WebSocketPair()[0].allowHalfOpen;
+    const wsStr = `WebSocket {\n    readyState: 1,\n    url: null,\n    protocol: '',\n    extensions: '',\n    binaryType: '${bt}',\n    allowHalfOpen: ${aho}\n  }`;
     const messagePromise = new Promise((resolve) => {
       webSocket.addEventListener('message', (event) => {
         assert.strictEqual(
 
@@ -11,7 +11,7 @@ const unitTests :Workerd.Config = (
           ( name = "SERVICE", service = "http-test" ),
           ( name = "CACHE_ENABLED", json = "false" ),
         ],
-        compatibilityFlags = ["nodejs_compat", "service_binding_extra_handlers", "cache_option_disabled", "url_standard", "workers_api_getters_setters_on_prototype", "fetch_legacy_url"],
+        compatibilityFlags = ["nodejs_compat", "service_binding_extra_handlers", "cache_option_disabled", "url_standard", "workers_api_getters_setters_on_prototype", "fetch_legacy_url", "no_web_socket_half_open_by_default"],
       )
     ),
     ( name = "http-test-cache-option-enabled",
@@ -23,7 +23,7 @@ const unitTests :Workerd.Config = (
           ( name = "SERVICE", service = "http-test-cache-option-enabled" ),
           ( name = "CACHE_ENABLED", json = "true" ),
         ],
-        compatibilityFlags = ["nodejs_compat", "service_binding_extra_handlers", "cache_option_enabled", "url_standard", "workers_api_getters_setters_on_prototype", "fetch_legacy_url"],
+        compatibilityFlags = ["nodejs_compat", "service_binding_extra_handlers", "cache_option_enabled", "url_standard", "workers_api_getters_setters_on_prototype", "fetch_legacy_url", "no_web_socket_half_open_by_default"],
     ))
   ],
 );
@@ -12,7 +12,7 @@ const unitTests :Workerd.Config = (
           ( name = "SERVICE", service = "http-test" ),
           ( name = "CACHE_ENABLED", json = "false" ),
         ],
-        compatibilityFlags = ["nodejs_compat", "service_binding_extra_handlers", "cache_option_disabled", "queues_json_messages", "url_standard", "workers_api_getters_setters_on_prototype", "fetch_legacy_url"],
+        compatibilityFlags = ["nodejs_compat", "service_binding_extra_handlers", "cache_option_disabled", "queues_json_messages", "url_standard", "workers_api_getters_setters_on_prototype", "fetch_legacy_url", "no_web_socket_half_open_by_default"],
         streamingTails = ["log", "log-invalid"],
       ),
     ),
 
@@ -0,0 +1,99 @@
+// Copyright (c) 2017-2022 Cloudflare, Inc.
+// Licensed under the Apache 2.0 license found in the LICENSE file or at:
+//     https://opensource.org/licenses/Apache-2.0
+
+import { strictEqual } from 'node:assert';
+
+// Test that allowHalfOpen defaults to false when the compat flag is enabled.
+export const defaultAllowHalfOpenWithCompatFlag = {
+  async test() {
+    const pair = new WebSocketPair();
+    const [client, server] = Object.values(pair);
+    strictEqual(client.allowHalfOpen, false);
+    strictEqual(server.allowHalfOpen, false);
+  },
+};
+
+// Test that the setter works.
+export const setterOverridesDefault = {
+  async test() {
+    const pair = new WebSocketPair();
+    const [client, server] = Object.values(pair);
+    strictEqual(client.allowHalfOpen, false);
+    client.allowHalfOpen = true;
+    strictEqual(client.allowHalfOpen, true);
+    // Setting on one end doesn't affect the other.
+    strictEqual(server.allowHalfOpen, false);
+  },
+};
+
+// Test that when allowHalfOpen is false, a server-initiated close sets readyState to CLOSED.
+export const autoCloseReplyWhenNotHalfOpen = {
+  async test() {
+    const pair = new WebSocketPair();
+    const [client, server] = Object.values(pair);
+
+    client.accept();
+    server.accept();
+
+    // Ensure allowHalfOpen is false (spec-compliant behavior).
+    strictEqual(client.allowHalfOpen, false);
+
+    const closePromise = new Promise((resolve) => {
+      client.addEventListener('close', (event) => {
+        // When allowHalfOpen is false, the runtime auto-sends a close reply,
+        // so both closedIncoming and closedOutgoing are true — readyState should be CLOSED.
+        resolve({
+          readyState: client.readyState,
+          code: event.code,
+          wasClean: event.wasClean,
+        });
+      });
+    });
+
+    // Server initiates close.
+    server.close(1000, 'server closing');
+
+    const result = await closePromise;
+    strictEqual(result.readyState, WebSocket.CLOSED);
+    strictEqual(result.code, 1000);
+    strictEqual(result.wasClean, true);
+  },
+};
+
+// Test that when allowHalfOpen is true, a server-initiated close sets readyState to CLOSING.
+export const halfOpenCloseKeepsClosingState = {
+  async test() {
+    const pair = new WebSocketPair();
+    const [client, server] = Object.values(pair);
+
+    client.accept();
+    server.accept();
+
+    // Override to half-open mode via the setter.
+    client.allowHalfOpen = true;
+
+    const closePromise = new Promise((resolve) => {
+      client.addEventListener('close', (event) => {
+        // When allowHalfOpen is true, no auto-reply is sent, so only closedIncoming
+        // is true — readyState should be CLOSING.
+        resolve({
+          readyState: client.readyState,
+          code: event.code,
+          wasClean: event.wasClean,
+        });
+      });
+    });
+
+    // Server initiates close.
+    server.close(1000, 'server closing');
+
+    const result = await closePromise;
+    strictEqual(result.readyState, WebSocket.CLOSING);
+    strictEqual(result.code, 1000);
+    strictEqual(result.wasClean, true);
+
+    // The client must manually close to complete the handshake.
+    client.close(1000, 'client reply');
+  },
+};
@@ -0,0 +1,14 @@
+using Workerd = import "/workerd/workerd.capnp";
+
+const unitTests :Workerd.Config = (
+  services = [
+    ( name = "websocket-allow-half-open-test",
+      worker = (
+        modules = [
+          (name = "worker", esModule = embed "websocket-allow-half-open-test.js")
+        ],
+        compatibilityFlags = ["nodejs_compat", "no_web_socket_half_open_by_default"]
+      )
+    ),
+  ],
+);
@@ -57,6 +57,7 @@ WebSocket::WebSocket(
       binaryType_(FeatureFlags::get(js).getWebsocketBinaryTypeDefault() ? BinaryType::BLOB
                                                                         : BinaryType::ARRAYBUFFER),
       serializedAttachment(kj::mv(package.serializedAttachment)),
+      allowHalfOpen(package.allowHalfOpen),
       farNative(initNative(ioContext,
           ws,
           kj::mv(KJ_REQUIRE_NONNULL(package.maybeTags)),
@@ -76,6 +77,7 @@ WebSocket::WebSocket(jsg::Lock& js, kj::Own<kj::WebSocket> native)
       url(kj::none),
       binaryType_(FeatureFlags::get(js).getWebsocketBinaryTypeDefault() ? BinaryType::BLOB
                                                                         : BinaryType::ARRAYBUFFER),
+      allowHalfOpen(!FeatureFlags::get(js).getWebSocketCloseReadyStateClosed()),
       farNative(nullptr),
       outgoingMessages(IoContext::current().addObject(kj::heap<OutgoingMessagesMap>())) {
   auto nativeObj = kj::heap<Native>();
@@ -88,6 +90,7 @@ WebSocket::WebSocket(jsg::Lock& js, kj::String url)
       url(kj::mv(url)),
       binaryType_(FeatureFlags::get(js).getWebsocketBinaryTypeDefault() ? BinaryType::BLOB
                                                                         : BinaryType::ARRAYBUFFER),
+      allowHalfOpen(!FeatureFlags::get(js).getWebSocketCloseReadyStateClosed()),
       farNative(nullptr),
       outgoingMessages(IoContext::current().addObject(kj::heap<OutgoingMessagesMap>())) {
   auto nativeObj = kj::heap<Native>();
@@ -605,11 +608,8 @@ void WebSocket::send(jsg::Lock& js, kj::OneOf<kj::Array<byte>, kj::String> messa
     KJ_UNREACHABLE;
   }();
 
-  auto pendingAutoResponses =
-      autoResponseStatus.pendingAutoResponseDeque.size() - autoResponseStatus.queuedAutoResponses;
-  autoResponseStatus.queuedAutoResponses = autoResponseStatus.pendingAutoResponseDeque.size();
   outgoingMessages->insert(
-      GatedMessage{kj::mv(maybeOutputLock), kj::mv(msg), pendingAutoResponses});
+      GatedMessage{kj::mv(maybeOutputLock), kj::mv(msg), getPendingAutoResponseCount()});
 
   ensurePumping(js);
 }
@@ -680,22 +680,13 @@ void WebSocket::close(
 
   assertNoError(js);
 
-  // pendingAutoResponses stores the number of queuedAutoResponses that will be pumped before sending
-  // the current GatedMessage, guaranteeing order.
-  // queuedAutoResponses stores the total number of auto-response messages that are already in accounted
-  // for in previous GatedMessages. This is useful to easily calculate the number of pendingAutoResponses
-  // for each new GateMessage.
-  auto pendingAutoResponses =
-      autoResponseStatus.pendingAutoResponseDeque.size() - autoResponseStatus.queuedAutoResponses;
-  autoResponseStatus.queuedAutoResponses = autoResponseStatus.pendingAutoResponseDeque.size();
-
   outgoingMessages->insert(GatedMessage{IoContext::current().waitForOutputLocksIfNecessary(),
     kj::WebSocket::Close{
       // Code 1005 actually translates to sending a close message with no body on the wire.
       static_cast<uint16_t>(code.orDefault(1005)),
       kj::mv(reason).orDefault(jsg::USVString(kj::str())),
     },
-    pendingAutoResponses});
+    getPendingAutoResponseCount()});
 
   native.closedOutgoing = true;
   closedOutgoingForHib = true;
@@ -716,6 +707,14 @@ int WebSocket::getReadyState() {
   return READY_STATE_OPEN;
 }
 
+bool WebSocket::getAllowHalfOpen() {
+  return allowHalfOpen.toBool();
+}
+
+void WebSocket::setAllowHalfOpen(bool value) {
+  allowHalfOpen = AllowHalfOpen(value);
+}
+
 bool WebSocket::isAccepted() {
   return farNative->state.is<Accepted>();
 }
@@ -990,6 +989,13 @@ kj::Promise<void> WebSocket::pump(IoContext& context,
   completed = true;
 }
 
+size_t WebSocket::getPendingAutoResponseCount() {
+  auto count =
+      autoResponseStatus.pendingAutoResponseDeque.size() - autoResponseStatus.queuedAutoResponses;
+  autoResponseStatus.queuedAutoResponses = autoResponseStatus.pendingAutoResponseDeque.size();
+  return count;
+}
+
 void WebSocket::tryReleaseNative(jsg::Lock& js) {
   // If the native WebSocket is no longer needed (the connection closed) and there are no more
   // messages to send, we can discard the underlying connection.
@@ -1057,6 +1063,23 @@ kj::Promise<kj::Maybe<kj::Exception>> WebSocket::readLoop(
           }
           KJ_CASE_ONEOF(close, kj::WebSocket::Close) {
             native.closedIncoming = true;
+            if (!allowHalfOpen.toBool() && !native.closedOutgoing && !native.outgoingAborted &&
+                !native.state.is<Released>()) {
+              // When allowHalfOpen is false (the spec-compliant default with the
+              // no_web_socket_half_open_by_default compat flag), automatically send a reciprocal
+              // Close frame through the outgoing message pump so that readyState is CLOSED (3)
+              // when the close event fires. Skip if a close frame was already sent (e.g. the
+              // application called close() before the server sent its Close), or if the outgoing
+              // side is otherwise unusable.
+              outgoingMessages->insert(
+                  GatedMessage{IoContext::current().waitForOutputLocksIfNecessary(),
+                    kj::WebSocket::Close{close.code, kj::str(close.reason)},
+                    getPendingAutoResponseCount()});
+
+              native.closedOutgoing = true;
+              closedOutgoingForHib = true;
+              ensurePumping(js);
+            }
             dispatchEventImpl(js, js.alloc<CloseEvent>(close.code, kj::mv(close.reason), true));
             // Native WebSocket no longer needed; release.
             tryReleaseNative(js);
@@ -1202,6 +1225,7 @@ WebSocket::HibernationPackage WebSocket::buildPackageForHibernation() {
     .serializedAttachment = kj::mv(serializedAttachment),
     .maybeTags = kj::none,
     .closedOutgoingConnection = closedOutgoingForHib,
+    .allowHalfOpen = allowHalfOpen,
   };
 }
 
 
@@ -11,6 +11,7 @@
 #include <workerd/io/observer.h>
 #include <workerd/jsg/jsg.h>
 #include <workerd/util/checked-queue.h>
+#include <workerd/util/strong-bool.h>
 #include <workerd/util/weak-refs.h>
 
 #include <kj/compat/http.h>
@@ -88,6 +89,8 @@ class CloseEvent: public Event {
   bool clean;
 };
 
+WD_STRONG_BOOL(AllowHalfOpen);
+
 // The forward declaration is necessary so we can make some
 // WebSocket methods accessible to WebSocketPair via friend declaration.
 class WebSocket;
@@ -207,6 +210,9 @@ class WebSocket: public EventTarget {
 
     // True forever once the JS WebSocket calls `close()`.
     bool closedOutgoingConnection = false;
+
+    // Whether the WebSocket allows half-open close state.
+    AllowHalfOpen allowHalfOpen = AllowHalfOpen::YES;
   };
 
   ~WebSocket() noexcept(false) {
@@ -288,6 +294,11 @@ class WebSocket: public EventTarget {
   // JS API.
 
   // Creates a new outbound WebSocket.
+  // Note: we intentionally do not accept an options parameter here. The WPT
+  // constructor.any.js test verifies that extra arguments beyond (url, protocols)
+  // are silently ignored. Adding a third parameter would cause JSG to attempt
+  // deserialization of the stray argument, breaking that test. Instead, callers
+  // can set allowHalfOpen via the property after construction.
   static jsg::Ref<WebSocket> constructor(jsg::Lock& js,
       kj::String url,
       jsg::Optional<kj::OneOf<kj::Array<kj::String>, kj::String>> protocols);
@@ -328,6 +339,9 @@ class WebSocket: public EventTarget {
 
   int getReadyState();
 
+  bool getAllowHalfOpen();
+  void setAllowHalfOpen(bool value);
+
   bool isAccepted();
   bool isReleased();
 
@@ -373,12 +387,14 @@ class WebSocket: public EventTarget {
       JSG_READONLY_PROTOTYPE_PROPERTY(protocol, getProtocol);
       JSG_READONLY_PROTOTYPE_PROPERTY(extensions, getExtensions);
       JSG_PROTOTYPE_PROPERTY(binaryType, getBinaryType, setBinaryType);
+      JSG_PROTOTYPE_PROPERTY(allowHalfOpen, getAllowHalfOpen, setAllowHalfOpen);
     } else {
       JSG_READONLY_INSTANCE_PROPERTY(readyState, getReadyState);
       JSG_READONLY_INSTANCE_PROPERTY(url, getUrl);
       JSG_READONLY_INSTANCE_PROPERTY(protocol, getProtocol);
       JSG_READONLY_INSTANCE_PROPERTY(extensions, getExtensions);
       JSG_INSTANCE_PROPERTY(binaryType, getBinaryType, setBinaryType);
+      JSG_INSTANCE_PROPERTY(allowHalfOpen, getAllowHalfOpen, setAllowHalfOpen);
     }
 
     JSG_TS_DEFINE(type WebSocketEventMap = {
@@ -390,6 +406,8 @@ class WebSocket: public EventTarget {
     JSG_TS_OVERRIDE(extends EventTarget<WebSocketEventMap> {
       get binaryType(): "blob" | "arraybuffer";
       set binaryType(value: "blob" | "arraybuffer");
+      constructor(url: string, protocols?: string[] | string);
+      allowHalfOpen: boolean;
     });
   }
 
@@ -421,6 +439,14 @@ class WebSocket: public EventTarget {
   // `close()`, thereby preventing calls to `send()` even after we wake from hibernation.
   bool closedOutgoingForHib = false;
 
+  // When YES, a server-initiated close does NOT automatically send a reciprocal close frame,
+  // leaving readyState as CLOSING (2) when the close event fires. The application is then
+  // responsible for calling close() explicitly. When NO (spec-compliant default with the
+  // no_web_socket_half_open_by_default compat flag), a close reply is sent automatically and
+  // readyState is CLOSED (3) when the close event fires.
+  // Default is YES (legacy behavior); overridden from the compat flag at construction time.
+  AllowHalfOpen allowHalfOpen = AllowHalfOpen::YES;
+
   // Maximum allowed size for WebSocket messages
   inline static const size_t SUGGESTED_MAX_MESSAGE_SIZE = 1u << 20;
 
@@ -615,6 +641,11 @@ class WebSocket: public EventTarget {
 
   void ensurePumping(jsg::Lock& js);
 
+  // Returns the number of pending auto-responses that should be sent before the next outgoing
+  // message, and advances the queuedAutoResponses counter. Called each time a GatedMessage is
+  // inserted into outgoingMessages to guarantee auto-response ordering.
+  size_t getPendingAutoResponseCount();
+
   // Write messages from `outgoingMessages` into `ws`.
   //
   // These are not necessarily called under isolate lock, but they are called on the given