verifyClient callback now accepts "headers" parameter

doc/ws.md

@@ -53,6 +53,9 @@ if `verifyClient` is provided with two arguments then those are:
     error status code to be sent to the client.
   - `name` {String} When `result` is `false` this field determines the HTTP
     reason phrase.
+  - `headers` {Object} When `result` is `false` this field determines additional 
+    HTTP headers to be sent to the client. 
+    For example, `{ 'Set-Cookie': 'abortReason=tooManyConnections' }`.
 
 
 `handleProtocols` takes two arguments:

lib/websocket-server.js

@@ -204,8 +204,10 @@ class WebSocketServer extends EventEmitter {
       };
 
       if (this.options.verifyClient.length === 2) {
-        this.options.verifyClient(info, (verified, code, message) => {
-          if (!verified) return abortHandshake(socket, code || 401, message);
+        this.options.verifyClient(info, (verified, code, message, headers) => {
+          if (!verified) {
+            return abortHandshake(socket, code || 401, message, headers);
+          }
 
           this.completeUpgrade(extensions, req, socket, head, cb);
         });
@@ -330,17 +332,22 @@ function socketOnError () {
  * @param {net.Socket} socket The socket of the upgrade request
  * @param {Number} code The HTTP response status code
  * @param {String} [message] The HTTP response body
+ * @param {Object} [headers] Additional HTTP response headers
  * @private
  */
-function abortHandshake (socket, code, message) {
+function abortHandshake (socket, code, message, headers) {
   if (socket.writable) {
     message = message || http.STATUS_CODES[code];
+    headers = Object.assign({
+      'Connection': 'close',
+      'Content-type': 'text/html',
+      'Content-Length': Buffer.byteLength(message)
+    }, headers);
+
     socket.write(
       `HTTP/1.1 ${code} ${http.STATUS_CODES[code]}\r\n` +
-      'Connection: close\r\n' +
-      'Content-type: text/html\r\n' +
-      `Content-Length: ${Buffer.byteLength(message)}\r\n` +
-      '\r\n' +
+      Object.keys(headers).map(h => `${h}: ${headers[h]}`).join('\r\n') +
+      '\r\n\r\n' +
       message
     );
   }

test/websocket-server.test.js

@@ -576,6 +576,37 @@ describe('WebSocketServer', function () {
           done(new Error("Unexpected 'connection' event"));
         });
       });
+
+      it('can reject client asynchronously with your headers', function (done) {
+        const wss = new WebSocket.Server({
+          verifyClient: (info, cb) => process.nextTick(cb, false, 401, '', {
+            'Set-Cookie': 'abortReason=tooManyConnections'
+          }),
+          port: 0
+        }, () => {
+          const req = http.get({
+            port: wss.address().port,
+            headers: {
+              'Connection': 'Upgrade',
+              'Upgrade': 'websocket',
+              'Sec-WebSocket-Key': 'dGhlIHNhbXBsZSBub25jZQ==',
+              'Sec-WebSocket-Version': 8
+            }
+          });
+
+          req.on('response', (res) => {
+            assert.deepStrictEqual(
+              res.headers['set-cookie'],
+              ['abortReason=tooManyConnections']
+            );
+            wss.close(done);
+          });
+        });
+
+        wss.on('connection', (ws) => {
+          done(new Error("Unexpected 'connection' event"));
+        });
+      });
     });
 
     it("doesn't emit the 'connection' event if socket is closed prematurely", function (done) {