- From: Adam Barth <w3c@adambarth.com>
- Date: Tue, 29 Mar 2011 10:34:24 -0700
In this HyBi thread: http://www.ietf.org/mail-archive/web/hybi/current/msg06951.html Folks are arguing that the WebSocket protocol should support HTTP redirects during the handshake and that dealing with the security consequences of redirects should be dealt with at the API layer. If/when that occurs, we should update the API layer to deal with the security consequences of the WebSocket protocol following HTTP redirects, preferably by aborting any WebSocket connections that the server attempts to redirect. Adam
Received on Tuesday, 29 March 2011 10:34:24 UTC