Websockets

652 views

Published on

Intro to WebSockets

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
652
On SlideShare
0
From Embeds
0
Number of Embeds
52
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Websockets

  1. 1. WebSockets with Sheridan Roberts
  2. 2. ● I’m Sheridan! ● Self-taught geeky kid ● Started out in networking and infrastructure ● Worked in that for a while ● Quit ● Started doing development ● Now consulting ● I have no impressive credentials. Sorry. ● Also, I have not slept in ~30 hours by the time I’m speaking to you First, who is this guy talking to me?
  3. 3. What Is It? ● TCP Protocol ● HTTP Upgrade ● Bidirectional ● RFC 6455
  4. 4. WebSocket Frame 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-------+-+-------------+-------------------------------+ |F|R|R|R| opcode|M| Payload len | Extended payload length | |I|S|S|S| (4) |A| (7) | (16/64) | |N|V|V|V| |S| | (if payload len==126/127) | | |1|2|3| |K| | | +-+-+-+-+-------+-+-------------+ - - - - - - - - - - - - - - - + | Extended payload length continued, if payload len == 127 | + - - - - - - - - - - - - - - - +-------------------------------+ | |Masking-key, if MASK set to 1 | +-------------------------------+-------------------------------+ | Masking-key (continued) | Payload Data | +-------------------------------- - - - - - - - - - - - - - - - + : Payload Data continued ... : + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + | Payload Data continued ... | +---------------------------------------------------------------+
  5. 5. When to use a WebSocket When you need bidirectional communication and one of the endpoints is a browser. ● Client/Server (AJAX) ● Gaming ● WebSocket Proxies for TCP services ● ...there are more applications
  6. 6. So...there have to be cons... ● It’s not an HTTP request like AJAX/Comet ○ Sheridan: Explain here how this would be done with WebSockets. ● Cross-browser development can be difficult (for now) ● XSS just got worse ● WebSockets were supposed to be simple; security has made them complex ○ More on this later
  7. 7. Demo Lets see WebSockets in action!
  8. 8. ● More decision-making to the server ● Origin header checking in wsHandler Handshake ● Would probably be in: ○ Firebase (cloud, database) ○ Autobahn (python) ○ Socket.IO (JavaScript, Flash fallback) ○ Pusher (cloud) ○ Websocket-Rails / Tubesock ○ ...another similar product (these things are taking off!) How would the demo REALLY look?
  9. 9. Practice Safe WebSocketing ● Security is presently “roll your own” ○ Origin header ○ Sessions ○ VALIDATE YOUR INFORMATION (Jordan Kasper shoutout)
  10. 10. P.S., I think CSS sprite animations with WebSocket backend might be a cool Hack-a-thon project, if someone wants to try it out. Making a simple little HTML5 game is not difficult and there are plenty of examples online.
  11. 11. Got Questions? I’ll try to answer them

×