- From: Kang-Hao (Kenny) Lu <kennyluck@w3.org>
- Date: Tue, 14 Jun 2011 23:41:46 +0800
- To: 中文HTML5同樂會ML <public-html-ig-zh@w3.org>
- Message-ID: <4DF7813A.1090006@w3.org>
從 WebKit 開發討論群組[1]轉來的文章[2],大意是說他(開發 chromium 的一個 日本人)想趕快實作新的 WebSocket 協定跟 API,雖然跟舊協定不兼容。因為: - 其他瀏覽器會支援新協定(Firefox Aurora 已經用新協定了) - 早一點換協定以後才不會吃大屎。Safari 跟 Chrome 是唯二預設打開 WebSocket 的 - 現在 Webkit 支援的協定有安全疑慮 所謂的安全疑慮,似乎跟我們之前討論過的[3]有關,但是我從來沒仔細看 WebSocket 的相關標準,給比較清楚的人解釋啦。 Kenny [1] http://lists.webkit.org/mailman/listinfo/webkit-dev [2] https://lists.webkit.org/pipermail/webkit-dev/2011-June/thread.html#17102 [3] http://lists.w3.org/Archives/Public/public-html-ig-zh/2010Dec/thread#msg27 -------- Original Message -------- Subject: [webkit-dev] Implementing new WebSocket protocol Date: Tue, 14 Jun 2011 23:55:53 +0900 From: Yuta Kitamura <yutak@chromium.org> To: webkit-dev@lists.webkit.org Hello, I would like to propose to start implementing the new WebSocket protocol which is discussed in IETF HyBi working group. Protocol draft: http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-09 JavaScript API draft: http://dev.w3.org/html5/websockets/ The new protocol is *incompatible* with the old one we are currently supporting. New additions include: - Binary frame support (Blob / ArrayBuffer) - Frame content masking (to solve security concern raised for the old draft) - Protocol extensions (such as frame compression) Because of the incompatibility, existing services using WebSockets are going to break. However, I think this is a necessary cost we have to pay eventually, because: - Other browsers are going to support the new protocol. (Firefox Aurora already includes support for the new protocol.) - The earlier we switch the protocols, the smaller shock there will be. Safari and Chrome are the only browsers that support WebSocket (the old protocol) by default. - There is a security concern raised for the protocol we are currently supporting. * How to proceed My original plan was to implement the new protocol directly (i.e. replacing the old implementation in-place). However Alexey (ap) objected to dropping support for the old protocol immediately. So, I'm currently planning to add a runtime flag to switch the WebSocket protocols used by a WebCore's WebSocket implementation. Other possibilities are to add a compile-time flag or to use (subversion's) branch, which are discussed at: https://bugs.webkit.org/show_bug.cgi?id=60348 The discussion in this bug has been stalled for a while, but I really would like to move forward. Comments and suggestions are greatly appreciated. Regards, Yuta
Attachments
- text/plain attachment: ________________________
Received on Tuesday, 14 June 2011 15:38:15 UTC