Re: [hybi] WebSocket feedback
Greg Wilkins <gregw@webtide.com> Thu, 04 March 2010 15:44 UTC
Return-Path: <gregw@webtide.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 06DC03A8ABD for <hybi@core3.amsl.com>; Thu, 4 Mar 2010 07:44:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.59
X-Spam-Level:
X-Spam-Status: No, score=-2.59 tagged_above=-999 required=5 tests=[AWL=0.009, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sZGYLlOA0qs7 for <hybi@core3.amsl.com>; Thu, 4 Mar 2010 07:44:15 -0800 (PST)
Received: from mail-fx0-f213.google.com (mail-fx0-f213.google.com [209.85.220.213]) by core3.amsl.com (Postfix) with ESMTP id 5A15A3A8ABC for <hybi@ietf.org>; Thu, 4 Mar 2010 07:44:10 -0800 (PST)
Received: by fxm5 with SMTP id 5so2964621fxm.29 for <hybi@ietf.org>; Thu, 04 Mar 2010 07:44:09 -0800 (PST)
Received: by 10.87.64.16 with SMTP id r16mr653112fgk.58.1267717448868; Thu, 04 Mar 2010 07:44:08 -0800 (PST)
Received: from [192.168.0.100] (host116-234-static.43-88-b.business.telecomitalia.it [88.43.234.116]) by mx.google.com with ESMTPS id 14sm462795fxm.9.2010.03.04.07.44.06 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 04 Mar 2010 07:44:07 -0800 (PST)
Message-ID: <4B8FD541.7060301@webtide.com>
Date: Thu, 04 Mar 2010 16:44:01 +0100
From: Greg Wilkins <gregw@webtide.com>
User-Agent: Thunderbird 2.0.0.23 (X11/20090817)
MIME-Version: 1.0
To: Hybi <hybi@ietf.org>
References: <8B0A9FCBB9832F43971E38010638454F032E566DDF@SISPE7MB1.commscope.com> <Pine.LNX.4.64.1002150605580.29686@ps20323.dreamhostps.com> <4B8F6056.8060809@webtide.com> <CE4EF44A-6C8F-43BC-ABF4-777C1149A16F@d2dx.com> <4B8F72FA.2050908@webtide.com> <4B8F7399.40208@webtide.com> <3212A766-9009-4DD6-BA63-53CCF4E98E5D@d2dx.com>
In-Reply-To: <3212A766-9009-4DD6-BA63-53CCF4E98E5D@d2dx.com>
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: Re: [hybi] WebSocket feedback
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Mar 2010 15:44:16 -0000
Vladimir Katardjiev wrote: >> The server needs to consider the bytes of content before formulating the accepting the upgrade request and sending the 101 response, so it can't be considered as data in the >> stream after the 101. > > Unless I'm reading it completely wrong, the contents of the 101 handshake (since it has no content-length) can and are constructed purely from the headers. The challenge > response contains data from both headers and the 8-byte challenge that comes later, but it's fine to do it. The steps of the algorithm could be reordered with no change of the > output so what we call it is a matter of interpretation. Po-tay-to, poh-ta-to. But the problem with this is it assumes success and that a 101 is the only possible response. I think that once we have gone through the process, it is very likely that we will see the need for return types other than 101. For example, it will be hard to stop some servers sending a 401 unauthorized if there are missing credentials. It might also be desirable to send 302 responses if a server has moved or wants to redirect to a non HTTP port or a secure https/wss port. So if websocket wants to have an exchange on the wire after the upgrade and before the framing starts, then sending non content bytes after the upgrade request has to be conditional receiving the 101... but then we have another round trip. I really think we should stop trying to re-invent the HTTP upgrade mechanism. If there are problems with normal HTTP upgrade, then raise them with HTTP bis. If the bytes after the request header are sent as request content, what attack verctor is opened up? Note that it is OK for the response bytes to be sent as the first bytes of the stream (and not part of the 101). regards
- Re: [hybi] WS ABNF Dave Cridland
- Re: [hybi] WS ABNF Julian Reschke
- Re: [hybi] WS ABNF Greg Wilkins
- Re: [hybi] WS ABNF Thomson, Martin
- [hybi] WS ABNF Thomson, Martin
- Re: [hybi] WS ABNF Dave Cridland
- Re: [hybi] WS ABNF Julian Reschke
- Re: [hybi] WS ABNF Jamie Lokier
- Re: [hybi] WS ABNF Pieter Hintjens
- Re: [hybi] WS ABNF Dave Cridland
- Re: [hybi] WS ABNF Dave Cridland
- Re: [hybi] WS ABNF Greg Wilkins
- Re: [hybi] WS ABNF Scott Ferguson
- Re: [hybi] WS ABNF Dave Cridland
- Re: [hybi] WS ABNF Scott Ferguson
- Re: [hybi] WebSocket feedback Thomson, Martin
- [hybi] WebSocket feedback Ian Hickson
- Re: [hybi] WebSocket feedback Ian Hickson
- Re: [hybi] WebSocket feedback Greg Wilkins
- Re: [hybi] WebSocket feedback Vladimir Katardjiev
- Re: [hybi] WebSocket feedback Greg Wilkins
- Re: [hybi] WebSocket feedback Greg Wilkins
- Re: [hybi] WebSocket feedback Vladimir Katardjiev
- [hybi] Publishing drafts, Re: WebSocket feedback Julian Reschke
- Re: [hybi] Publishing drafts, Re: WebSocket feedb… Julian Reschke
- [hybi] Framing, was Re: WebSocket feedback Dave Cridland
- Re: [hybi] WebSocket feedback Greg Wilkins
- Re: [hybi] WebSocket feedback Vladimir Katardjiev
- Re: [hybi] WebSocket feedback Greg Wilkins
- Re: [hybi] WebSocket feedback Joe Hildebrand
- Re: [hybi] WebSocket feedback Greg Wilkins
- Re: [hybi] WebSocket feedback Greg Wilkins
- Re: [hybi] WebSocket feedback Julian Reschke
- Re: [hybi] WebSocket feedback Mridul Muralidharan
- [hybi] requirement: backwards compatible?. was : … Greg Wilkins
- Re: [hybi] requirement: backwards compatible?. wa… Anne van Kesteren
- Re: [hybi] requirement: backwards compatible?. wa… Vladimir Katardjiev