W3C home > Mailing lists > Public > public-device-apis@w3.org > April 2015

Re: [W3C TCP and UDP Socket API]: Status and home for this specification

From: Florian Bösch <pyalot@gmail.com>
Date: Wed, 1 Apr 2015 18:37:11 +0200
Message-ID: <CAOK8ODjCLvZ4Y29BdG8DSL34_n862XsXZQF+ZoqR-5GsYeNdcg@mail.gmail.com>
To: Jonas Sicking <jonas@sicking.cc>
Cc: Anne van Kesteren <annevk@annevk.nl>, Domenic Denicola <d@domenic.me>, "Nilsson, Claes1" <Claes1.Nilsson@sonymobile.com>, "public-sysapps@w3.org" <public-sysapps@w3.org>, public-webapps <public-webapps@w3.org>, Device APIs Working Group <public-device-apis@w3.org>, Domenic Denicola <domenic@domenicdenicola.com>, "slightlyoff@chromium.org" <slightlyoff@chromium.org>, "yasskin@gmail.com" <yasskin@gmail.com>
On Wed, Apr 1, 2015 at 6:02 PM, Jonas Sicking <jonas@sicking.cc> wrote:

> Not saying that we can use CORS to solve this, or that we should
> extend CORS to solve this. My point is that CORS works because it was
> specified and implemented across browsers. If we'd do something like
> what Domenic proposes, I think that would be true here too.
>
> However, in my experience the use case for the TCPSocket and UDPSocket
> APIs is to connect to existing hardware and software systems. Like
> printers or mail servers. Server-side opt-in is generally not possible
> for them.
>
Isn't the problem that these existing systems can't be changed (let's say
an IRC server) to support say WebSockets, and thus it'd be convenient to be
able to TCP to it. I think that is something CORS-like could actually
solve. You could deploy (on the same origin) a webserver that handles the
opt-in for that origin/port/protocol and then the webserver can open a
connection to it. For example:

var socket = new Socket(); socket.connect('example.com', 194);

->

RAW-SOCKET-OPTIONS HTTP/1.1
port: 194
host: example.com

->

HTTP/1.1 200 OK
Access-Control-Allow-Origin: example.com

-> browser opens a TCP connection to example.com 194.

So you don't need to upgrade the existing system for server authorization.
You just need to deploy a (http compatible) authorative source on the same
origin that can give a browser the answer it desires.
Received on Wednesday, 1 April 2015 16:37:39 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:05 UTC