Re: [hybi] Final HTTP responses and WebSocket handshake
Yutaka_Takeda@PlayStation.Sony.Com Mon, 14 February 2011 19:43 UTC
Return-Path: <Yutaka_Takeda@PlayStation.Sony.Com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B0EB83A6DA3; Mon, 14 Feb 2011 11:43:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.036
X-Spam-Level:
X-Spam-Status: No, score=-6.036 tagged_above=-999 required=5 tests=[AWL=0.228, BAYES_00=-2.599, HTML_MESSAGE=0.001, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FcJGxmmuAXOt; Mon, 14 Feb 2011 11:43:45 -0800 (PST)
Received: from paris.playstation.sony.com (nat.playstation.sony.com [69.36.131.254]) by core3.amsl.com (Postfix) with ESMTP id 3529A3A6D9B; Mon, 14 Feb 2011 11:43:45 -0800 (PST)
Received: from constantine.playstation.sony.com ([162.49.67.15]) by paris.playstation.sony.com (Lotus Domino Release 8.5.1FP5) with ESMTP id 2011021411440259-529646 ; Mon, 14 Feb 2011 11:44:02 -0800
In-Reply-To: <OFE5DF3EED.178115CB-ON88257834.007C1420-88257834.0080BA73@playstation.sony.com>
To: "hybi@ietf.org" <hybi@ietf.org>
MIME-Version: 1.0
X-KeepSent: 8FB0AAA9:E1FAD4D2-88257837:0069F6E2; type=4; flags=0; name=$KeepSent
X-Mailer: Lotus Notes Release 7.0.2 September 26, 2006
Message-ID: <OF8FB0AAA9.E1FAD4D2-ON88257837.0069F6E2-88257837.006C674E@playstation.sony.com>
From: Yutaka_Takeda@PlayStation.Sony.Com
Date: Mon, 14 Feb 2011 11:44:02 -0800
X-MIMETrack: Serialize by Router on SCEA919ML04/SCEA(Release 8.5.1FP3|May 23, 2010) at 02/14/2011 11:44:02 AM, Serialize complete at 02/14/2011 11:44:02 AM, Itemize by SMTP Server on SCEA919ML02/SCEA(Release 8.5.1FP5|September 29, 2010) at 02/14/2011 11:44:02 AM, Serialize by Router on SCEA919ML02/SCEA(Release 8.5.1FP5|September 29, 2010) at 02/14/2011 11:44:09 AM, Serialize complete at 02/14/2011 11:44:09 AM
Content-Type: multipart/alternative; boundary="=_alternative 006C674B88257837_="
Cc: hybi-bounces@ietf.org, Gabriel Montenegro <Gabriel.Montenegro@microsoft.com>
Subject: Re: [hybi] Final HTTP responses and WebSocket handshake
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Feb 2011 19:43:46 -0000
Hi, > Does any have any thoughts on my other concern? > > o Relatively more complexi in adding WebSocket to the existing > implemtation of HTTP server. > ... Please let me take back the above comments. What HTTP offers with Upgrade header and 101 response is not just for switching underlying protocol but also including HTTP layaer itself. Therefore, what I was pointing out wan inherent in HTTP protocol, not in WebSocket. Under WebSocket's requirements, REQ.8 and REQ.9, I agree that the current approach with Upgrade header/101 is the best possible way for WebSocket to reuse existing HTTP features. - Yutaka hybi-bounces@ietf.org wrote on 02/11/2011 03:26:02 PM: > > > This is not aligned with the WG consensus for HTTP compatibility (up > > until the websocket handshake is complete) declared some time back > > by the chairs. > > The websocket handshake is not complete until a 101 comes back. So > > anything before than (including other response codes, > > reauthentication, etc) are not anything the websockets draft can say > > anything about. It's just compatible HTTP as usual. > > Ah, I see. So, HTTP transaction can be iterated until 101 comes in. > I may have over-reacted to the text: > > > In Section 1.3: > > "Any status code other than 101 must be treated as a failure and > the websocket connection aborted." > > I agree, this needs to be fixed. In fact, any status code other than > 101 MUST be handled > in a way that conforms with HTTP. (which is out of scope of this document). > > Does any have any thoughts on my other concern? > > > o Relatively more complexi in adding WebSocket to the existing > implemtation of HTTP server. > > Reasons: > > - Existing HTTP implementation is likely designed to treat 101 > as a indefinitive > > acceptance of the request wihere it tries to prepare for the > final response... > > - Where, on receipt of a final response, such as 200 OK, the > likelihood of exisiting implementaion > > would prepare for releasing HTTP protocol specific resources > in memory to terminate > > the transaction. > > > > ## This impact on adoption of WebSocket procol by existing HTTP servers. > > ## It is desired a loose coupling with HTTP specific function - > easy to add WebSocket to existing system (e.g. Apache) > > Say, we try to implement WebSocket in Apache, or via Apache module. > Since actual WebSocket > connection resides in the middle of the HTTP GET transaction, the > process or thread that is > processing the transaction has taken up its sufficiently large > resources for handling any type of > HTTP transaction, and most of which will no longer be necessary once > the WS handshake is > complete. Consequently, such implementation in Apache will be very > expensive and probably > not practical for large scale deployment. > > If we could complete the WS handshake in a complete HTTP transaction > (successful > handshake completes on receipt of 200 OK, for example), then this > will have a completely > different view. Coming back to the example with Apache, the > resources for the transaction > (process/thread/mempool/context, etc.) can be released completely. > What needs to done > is in its socket management code be modified to leave the socket (at > this point being > 'websocket' open and transfer it to an internal or external facility > that can efficiently handle > persistent/bidirectional communication. > > More specifically, the Connection header is about what to do with > the underlying connection > *after* the current transaction is complete. So, we only needed to > define a new value to > the Connection header like: > > Connection: websocket > > (# of course, 'Sec-Websocket-xxx' headers are still necessary, > 'Upgrade: websocket' can be eliminated.) > > This can be reported to the socket management layer to tell, "the > socket is going to be used > as WebSocket". (don't close and don't use it for subsequent HTTP > transactions.) > Please notice that, there's no HTTP layer involved at this point! > > This is clearly MUCH less work than tackling situation where > transaction is left open upon > 101 response, and yet MUCH cleaner solution for introducing > WebSocket feature into > existing HTTP servers. > > > Any thoughs? > > -- > Yutaka Takeda - US R&D Sony Computer Entertainment, Inc. > Office: 650 655 7484 Fax: 650 655 8060 > > > hybi-bounces@ietf.org wrote on 02/10/2011 05:57:51 PM: > > > This is not aligned with the WG consensus for HTTP compatibility (up > > until the websocket handshake is complete) declared some time back > > by the chairs. > > The websocket handshake is not complete until a 101 comes back. So > > anything before than (including other response codes, > > reauthentication, etc) are not anything the websockets draft can say > > anything about. It's just compatible HTTP as usual. > > > > So this is a bug in the spec, hopefully to get taken care of in 06. > > > > > -----Original Message----- > > > From: hybi-bounces@ietf.org [mailto:hybi-bounces@ietf.org] On Behalf Of > > > Greg Wilkins > > > Sent: 10 February, 2011 17:49 > > > To: Yutaka_Takeda@playstation.sony.com > > > Cc: hybi@ietf.org > > > Subject: Re: [hybi] Final HTTP responses and WebSocket handshake > > > > > > On 11 February 2011 12:40, <Yutaka_Takeda@playstation.sony.com> wrote: > > > > > > > > o Cannot get full benefit out of HTTP protocol during the handshake > > > > as it does not expect a final response: > > > > For example: > > > > - Can not redirect WebSocket handshake to another server (for load > > > > balancing, fail-over, etc.) > > > > - Can not perform user authentication (Basic, Digest, etc.) during > > > > the handshake. > > > > - Similarly, 407 authentication cannot be forced by the server. > > > > > > +1 > > > > > > In the ancient history of this list, I have long argued for exactly this. > > > > > > Apparently there are some security concerns about browser > redirection, which > > > I never really understood... and even if there are, I don't see > > the reason that the > > > protocol should deny the use of non 101 handshake responses to all > > clients. I > > > think the protocol should allow arbitrary response codes (because it can't > > > actually prevent them being sent by non WS servers anyway), and then > > > individual clients can decide which responses they will handle > (which may be > > > better discuss in the appropriate HTML 5 forums regarding the specific > > > websocket API). > > > > > > cheers > > > _______________________________________________ > > > hybi mailing list > > > hybi@ietf.org > > > https://www.ietf.org/mailman/listinfo/hybi > > > > _______________________________________________ > > hybi mailing list > > hybi@ietf.org > > https://www.ietf.org/mailman/listinfo/hybi > _______________________________________________ > hybi mailing list > hybi@ietf.org > https://www.ietf.org/mailman/listinfo/hybi
- [hybi] Final HTTP responses and WebSocket handsha… Yutaka_Takeda
- Re: [hybi] Final HTTP responses and WebSocket han… Greg Wilkins
- Re: [hybi] Final HTTP responses and WebSocket han… Gabriel Montenegro
- Re: [hybi] Final HTTP responses and WebSocket han… Yutaka_Takeda
- Re: [hybi] Final HTTP responses and WebSocket han… John Fallows
- Re: [hybi] Final HTTP responses and WebSocket han… Greg Wilkins
- Re: [hybi] Final HTTP responses and WebSocket han… Yutaka_Takeda