Re: [hybi] Web sockets and existing HTTP stacks

Mridul Muralidharan <mridulm80@yahoo.com> Wed, 03 February 2010 06:45 UTC


----- Original Message ----
> From: Jamie Lokier <jamie@shareable.org>
> To: Mridul Muralidharan <mridulm80@yahoo.com>
> Cc: Mark Nottingham <mnot@mnot.net>; Roberto Peon <fenix@google.com>; hybi@ietf.org
> Sent: Wed, 3 February, 2010 7:14:32 AM
> Subject: Re: [hybi] Web sockets and existing HTTP stacks
> 
> Mridul Muralidharan wrote:
> > There is a difference between sending an upgrade request, which is
> > conformant with http spec - and so intermediaries/others being able to
> > make a decision about whether to allow/honour it or not, and doing it
> > by fudging requests by making it look like http.
> >
> > I am all for using http in the way it is meant to be used - even for
> > bootstrapping non-http protocols : if done right, which is not opaque
> > : but not when trying to piggyback on 'port 80 is open, let us use it
> > since admin can't stop us'.
> 
> In case you hadn't checked, WebSocket actually does use the HTTP
> Upgrade mechanism.  Firewalls which block HTTP Upgrade requests based
> on the request and response headers can include blocking WebSocket, or
> not as they choose, in their rules.
> 
> In this regard, there is no fudging.
> 
> The rigidity of WebSocket's spec forces senders to be more rigid in
> what they send, and receivers to be more strict in what they accept.
> This has the side effect that proxies which modify the request will
> sometimes break it.  But it does not prevent HTTP firewall function,
> as long as it doesn't modify the messages when it's allowing them to
> pass.

I will need to recheck the latest draft spec later today, but my understanding was that it does not honour redirects, auth requests (proxy or server), insertion of arbitrary headers (c -> p1 -> p2 -> s), reordering of headers, etc.
Hopefully these are resolved now.
If they are indeed resolved, I don't see the problem with bootstrapping using UPGRADE.


On a related note, an oft-repeated assumption is that client and server would be developed by the same 'person/team/company' - this, I believe, is very short-sighted.
As we have seen in the XMPP space, well-defined protocols lead to an explosion of client-side libraries for various languages, frameworks, etc., allowing you to talk to any compliant server.




> 
> > [Think using CONNECT to start sending arbitrary protocols : it is
> > done a lot, but reason for having CONNECT enabled in proxies is not
> > for arbitrary protocols, but just https].
> 
> Just a random FYI, CONNECT and port 443 are blocked in some locations,
> because they want to be able to inspect all HTTP requests and block
> those they can't inspect.

Exactly my point. I would not like it as a user (if I cared about it, since this means I can't connect to my bank), but I would definitely want this ability if I were an admin.
The ability to monitor & control access is very useful and probably fundamental.


Regards,
Mridul

> 
> -- Jamie
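
The header-based filtering discussed in this message, as an added example that is not part of the thread: a policy check an inspecting intermediary could apply to a request or response head, written so that header reordering, case changes and headers inserted by an upstream proxy do not change the decision. The names parse_head, tokens, upgrade_decision and ALLOWED_UPGRADES, the allow-list policy and the sample messages are all assumptions constructed for illustration.

```python
# Added illustration; all names and sample messages are hypothetical/constructed.
ALLOWED_UPGRADES = {"websocket"}  # admin-chosen policy (assumption)


def parse_head(raw: bytes):
    """Split an HTTP/1.1 message head into (start_line, {lower-name: [values]})."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep or not name or name != name.strip():
            raise ValueError("malformed header line: %r" % line)
        # Header names are case-insensitive and may repeat; order is ignored.
        headers.setdefault(name.lower(), []).append(value.strip())
    return lines[0], headers


def tokens(values):
    """Flatten comma-separated header values into lower-case tokens."""
    return [t.strip().lower() for v in values for t in v.split(",") if t.strip()]


def upgrade_decision(raw: bytes, allowed=ALLOWED_UPGRADES) -> str:
    """Return 'not-upgrade', 'allow' or 'block' for one message head."""
    _, headers = parse_head(raw)
    signalled = "upgrade" in tokens(headers.get("connection", []))
    # "TLS/1.0" -> "tls": compare protocol names without the version part.
    protocols = [p.split("/", 1)[0] for p in tokens(headers.get("upgrade", []))]
    if not signalled and not protocols:
        return "not-upgrade"
    if not signalled or not protocols:
        return "block"  # Upgrade and Connection disagree: treat as malformed
    return "allow" if all(p in allowed for p in protocols) else "block"


# Constructed sample heads (not captured traffic).
WS_REQUEST = (b"GET /demo HTTP/1.1\r\nUpgrade: WebSocket\r\n"
              b"Connection: Upgrade\r\nHost: example.com\r\n\r\n")
WS_VIA_PROXY = (b"GET /demo HTTP/1.1\r\nHost: example.com\r\nVia: 1.1 p1\r\n"
                b"connection: keep-alive, Upgrade\r\nupgrade: WebSocket\r\n\r\n")
TLS_UPGRADE = (b"GET / HTTP/1.1\r\nHost: example.com\r\n"
               b"Upgrade: TLS/1.0\r\nConnection: Upgrade\r\n\r\n")
PLAIN_GET = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"

if __name__ == "__main__":
    for msg in (WS_REQUEST, WS_VIA_PROXY, TLS_UPGRADE, PLAIN_GET):
        print(upgrade_decision(msg))
```

The same function applies to the server's 101 response head, since it only looks at the Connection and Upgrade fields.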
