- From: Ian Hickson <ian@hixie.ch>
- Date: Mon, 7 Jul 2008 19:16:00 +0000 (UTC)
- To: Julian Reschke <julian.reschke@gmx.de>
- Cc: "public-html@w3.org" <public-html@w3.org>
On Mon, 7 Jul 2008, Julian Reschke wrote: > > In this case I would advise to have that handshake *after* the websocket > connection has been established (so in the case where this actually goes > through a real HTTP server, *after* the 101 is returned). Keep in mind > that there are other things that could go wrong, such as the server > returning the headers "Upgrade:" or "Connection:" in a different order, > or interleaving them with other headers (such as "Date:"). We can't. If the handshake occurs after the first byte sent over the connection, it would be far too easy for someone to smuggle in a fake handshake. Furthermore, one of our core requirements is the ability to implement a Web Socket Protocol server without any HTTP server involvement, and so we can't build this on HTTP. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Monday, 7 July 2008 19:16:39 UTC