Re: [hybi] "Establish a WebSocket Connection" does not allow for cookies

Anne van Kesteren <annevk@annevk.nl> Sun, 06 September 2015 15:12 UTC


On Sat, Sep 5, 2015 at 8:09 PM, Julian Reschke <julian.reschke@gmx.de> wrote:
> On 2015-09-05 19:25, Anne van Kesteren wrote:
>> After the tenth protocol draft this algorithm broke a hook the API
>> standard was using and those authoring the WebSocket API were never
>> notified.
>>
>> See https://www.w3.org/Bugs/Public/show_bug.cgi?id=27869 for details.
>>
>> How do you suggest this gets fixed?
>
> The subject line is misleading.

It's the name of the algorithm defined in the RFC that takes a set
number of arguments of which headers and/or cookies are not an
acceptable argument.


> <https://tools.ietf.org/html/rfc6455#section-4.1>, item 12 in the second
> list is:
>
>>    12.  The request MAY include any other header fields, for example,
>>         cookies [RFC6265] and/or authentication-related header fields
>>         such as the |Authorization| header field [RFC2616], which are
>>         processed according to documents that define them.

This step cannot be influenced from the API. The "request" is
constructed by this algorithm and the influence the API has over it is
carefully defined.


-- 
https://annevankesteren.nl/