debugger: validate sec-websocket-accept response header
First commit by @copperwall:
debugger: validate sec-websocket-accept response header
This addresses a TODO to validate that the sec-websocket-accept header
in the websocket handshake response is valid. To do this we need to
append the Websocket GUID to the original key sent in sec-websocket-key,
sha1 hash it, and then compare the base64 encoding with the value sent
in the sec-websocket-accept response header.
If they don't match, an error is thrown.
Second commit:
test: add test for websocket secret verification in debugger