Re: [hybi] [Uri-review] ws: and wss: schemes
Jamie Lokier <jamie@shareable.org> Fri, 14 August 2009 21:37 UTC
Return-Path: <jamie@shareable.org>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E29183A68C2; Fri, 14 Aug 2009 14:37:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.404
X-Spam-Level:
X-Spam-Status: No, score=-4.404 tagged_above=-999 required=5 tests=[AWL=-1.805, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RmMGn1VnGQeK; Fri, 14 Aug 2009 14:37:55 -0700 (PDT)
Received: from mail2.shareable.org (mail2.shareable.org [80.68.89.115]) by core3.amsl.com (Postfix) with ESMTP id 196D13A6969; Fri, 14 Aug 2009 14:37:54 -0700 (PDT)
Received: from jamie by mail2.shareable.org with local (Exim 4.63) (envelope-from <jamie@shareable.org>) id 1Mc4TC-0004IY-OX; Fri, 14 Aug 2009 22:37:54 +0100
Date: Fri, 14 Aug 2009 22:37:54 +0100
From: Jamie Lokier <jamie@shareable.org>
To: Kristof Zelechovski <giecrilj@stegny.2a.pl>
Message-ID: <20090814213754.GD12021@shareable.org>
References: <Pine.LNX.4.62.0908070531430.28566@hixie.dreamhostps.com> <1249651007.25446.8934.camel@dbooth-laptop> <0B450D619CC0486E8BD51C31FBA214AD@POCZTOWIEC> <20090812021926.GC19298@shareable.org> <AB9A0CF094F04D39BC7DC5DEAFF7FC1C@POCZTOWIEC>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <AB9A0CF094F04D39BC7DC5DEAFF7FC1C@POCZTOWIEC>
User-Agent: Mutt/1.5.13 (2006-08-11)
Cc: uri-review@ietf.org, hybi@ietf.org, uri@w3.org, 'David Booth' <david@dbooth.org>
Subject: Re: [hybi] [Uri-review] ws: and wss: schemes
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Aug 2009 21:37:56 -0000
Kristof Zelechovski wrote: > 1. Encouraging the user to enter a Web Sockets URL does not make sense if > cross-domain connections are not allowed, which I hope will be the case (the > draft specification [1] does not contain security considerations). It was originally thought XHR (XmlHttpRequest) didn't need to be cross-domain, but then people thought of lots of reasons why it's useful and had to use hacks to workaround the limitation, so now there's a draft standard to support cross-domain XHR - being careful to address cross-domain security. I suspect WebSockets could benefit from a look at the mechanisms used by cross-domain XHR to check for permission to proceed. > 2. While we are at it, a Web Sockets connection is useless without knowing > the protocol, and the protocol to be used is not contained within the URL. > That means a ws URL is not self-contained and thus useless as a stand-alone > locator. The same is true of HTTP. A HTTP URL does not tell you the type of resource, only where to find _a_ resource. For example there are places where a user can enter the URL of a CalDAV calendar resource. The CalDAV protocol is used (over HTTP) to work with that resource, but the URL doesn't say what it is. The only difference with WebSockets is that it (so far) seems to avoid any descriptive metadata, which means there will still be applications which ask for a WebSockets URL, but when the URL is for a different protocol on top, it'll simply break with undefined behaviour instead of a clean error message or fallback behaviour. It doesn't matter if you think nobody should do that. It will still be done anyway - because it's so obviously useful. -- Jamie
- [hybi] ws: and wss: schemes Ian Hickson
- Re: [hybi] [Uri-review] ws: and wss: schemes Julian Reschke
- Re: [hybi] [Uri-review] ws: and wss: schemes Julian Reschke
- Re: [hybi] [Uri-review] ws: and wss: schemes Greg Wilkins
- Re: [hybi] [Uri-review] ws: and wss: schemes Ian Hickson
- Re: [hybi] [Uri-review] ws: and wss: schemes Maciej Stachowiak
- Re: [hybi] [Uri-review] ws: and wss: schemes Chris Anderson
- Re: [hybi] [Uri-review] ws: and wss: schemes Mark Nottingham
- Re: [hybi] [Uri-review] ws: and wss: schemes Pieter Hintjens
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes Julian Reschke
- Re: [hybi] [Uri-review] ws: and wss: schemes David Booth
- Re: [hybi] [Uri-review] ws: and wss: schemes David Booth
- Re: [hybi] [Uri-review] ws: and wss: schemes Kristof Zelechovski
- Re: [hybi] [Uri-review] ws: and wss: schemes Kristof Zelechovski
- Re: [hybi] [Uri-review] ws: and wss: schemes Kristof Zelechovski
- Re: [hybi] [Uri-review] ws: and wss: schemes David Booth
- Re: [hybi] [Uri-review] ws: and wss: schemes Kristof Zelechovski
- Re: [hybi] [Uri-review] ws: and wss: schemes Greg Wilkins
- Re: [hybi] [Uri-review] ws: and wss: schemes Maciej Stachowiak
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes Maciej Stachowiak
- Re: [hybi] [Uri-review] ws: and wss: schemes Maciej Stachowiak
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes David Booth
- Re: [hybi] [Uri-review] ws: and wss: schemes David Orchard
- Re: [hybi] [Uri-review] ws: and wss: schemes Julian Reschke
- Re: [hybi] [Uri-review] ws: and wss: schemes Ian Hickson
- Re: [hybi] [Uri-review] ws: and wss: schemes Roy T. Fielding
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes Julian Reschke
- Re: [hybi] [Uri-review] ws: and wss: schemes Ian Hickson
- Re: [hybi] [Uri-review] ws: and wss: schemes David Booth
- Re: [hybi] [Uri-review] ws: and wss: schemes Kristof Zelechovski
- Re: [hybi] [Uri-review] ws: and wss: schemes noah_mendelsohn
- Re: [hybi] [Uri-review] ws: and wss: schemes Toby Inkster
- Re: [hybi] [Uri-review] ws: and wss: schemes Křištof Želechovski
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes Erik Wilde
- Re: [hybi] [Uri-review] ws: and wss: schemes noah_mendelsohn
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes John Kemp
- Re: [hybi] [Uri-review] ws: and wss: schemes noah_mendelsohn
- Re: [hybi] [Uri-review] ws: and wss: schemes Mark Nottingham
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes Erik Wilde
- Re: [hybi] [Uri-review] ws: and wss: schemes noah_mendelsohn
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes noah_mendelsohn
- Re: [hybi] ws: and wss: schemes Ian Hickson
- Re: [hybi] ws: and wss: schemes Julian Reschke
- Re: [hybi] ws: and wss: schemes Ian Hickson
- Re: [hybi] ws: and wss: schemes Julian Reschke
- Re: [hybi] [Uri-review] ws: and wss: schemes Kristof Zelechovski
- Re: [hybi] ws: and wss: schemes Ian Hickson
- Re: [hybi] ws: and wss: schemes Julian Reschke
- Re: [hybi] [Uri-review] ws: and wss: schemes Julian Reschke
- Re: [hybi] [Uri-review] ws: and wss: schemes Julian Reschke
- Re: [hybi] ws: and wss: schemes Julian Reschke
- Re: [hybi] ws: and wss: schemes Ian Hickson
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes Toby Inkster
- Re: [hybi] [Uri-review] ws: and wss: schemes David Booth
- Re: [hybi] [Uri-review] ws: and wss: schemes Kristof Zelechovski
- Re: [hybi] [Uri-review] ws: and wss: schemes Julian Reschke
- Re: [hybi] [Uri-review] ws: and wss: schemes Kristof Zelechovski
- Re: [hybi] ws: and wss: schemes Martin J. Dürst
- Re: [hybi] [Uri-review] ws: and wss: schemes David Booth
- Re: [hybi] [Uri-review] ws: and wss: schemes Toby Inkster
- Re: [hybi] [Uri-review] ws: and wss: schemes David Booth
- Re: [hybi] [Uri-review] ws: and wss: schemes Kristof Zelechovski
- Re: [hybi] [Uri-review] ws: and wss: schemes Martin J. Dürst
- Re: [hybi] [Uri-review] ws: and wss: schemes Křištof Želechovski
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes Křištof Želechovski
- Re: [hybi] [Uri-review] ws: and wss: schemes Jamie Lokier
- Re: [hybi] [Uri-review] ws: and wss: schemes Joseph A Holsten
- Re: [hybi] [Uri-review] ws: and wss: schemes Joseph A Holsten
- Re: [hybi] [Uri-review] ws: and wss: schemes Joseph A Holsten
- Re: [hybi] [Uri-review] ws: and wss: schemes Daniel R. Tobias
- Re: [hybi] [Uri-review] ws: and wss: schemes Daniel R. Tobias
- Re: [hybi] [Uri-review] ws: and wss: schemes Daniel R. Tobias
- Re: [hybi] [Uri-review] ws: and wss: schemes Lisa Dusseault
- Re: [hybi] [Uri-review] ws: and wss: schemes Infinity Linden
- Re: [hybi] [Uri-review] ws: and wss: schemes Lloyd Wood
- Re: [hybi] [Uri-review] ws: and wss: schemes Kristof Zelechovski
- Re: [hybi] ws: and wss: schemes Ian Hickson
- Re: [hybi] ws: and wss: schemes Julian Reschke
- Re: [hybi] ws: and wss: schemes Ian Hickson
- Re: [hybi] ws: and wss: schemes Julian Reschke
- Re: [hybi] ws: and wss: schemes Julian Reschke
- Re: [hybi] ws: and wss: schemes Roy T. Fielding
- Re: [hybi] ws: and wss: schemes Julian Reschke
- Re: [hybi] [Uri-review] ws: and wss: schemes Martin J. Dürst
- Re: [hybi] ws: and wss: schemes Ian Hickson