● I’m Sheridan!
● Self-taught geeky kid
● Started out in networking and infrastructure
● Worked in that for a while
● Started doing development
● Now consulting
● I have no impressive credentials. Sorry.
● Also, I have not slept in ~30 hours by the
time I’m speaking to you
First, who is this guy talking to me?
What Is It?
● TCP Protocol
● HTTP Upgrade
● RFC 6455
When to use a WebSocket
When you need bidirectional communication
and one of the endpoints is a browser.
● Client/Server (AJAX)
● WebSocket Proxies for TCP services
● ...there are more applications
So...there have to be cons...
● It’s not an HTTP request like AJAX/Comet
○ Sheridan: Explain here how this would be done with
● Cross-browser development can be difficult
● XSS just got worse
● WebSockets were supposed to be simple;
security has made them complex
○ More on this later
● More decision-making to the server
● Origin header checking in wsHandler
● Would probably be in:
○ Firebase (cloud, database)
○ Autobahn (python)
○ Pusher (cloud)
○ Websocket-Rails / Tubesock
○ ...another similar product (these things are taking
How would the demo REALLY look?
Practice Safe WebSocketing
● Security is presently “roll your own”
○ Origin header
○ VALIDATE YOUR INFORMATION (Jordan Kasper
I think CSS sprite animations with WebSocket
backend might be a cool Hack-a-thon project, if
someone wants to try it out.
Making a simple little HTML5 game is not
difficult and there are plenty of examples