WebSocket-Over-HTTP Protocol

The WebSocket-Over-HTTP protocol is a simple, text-based protocol for gatewaying between a WebSocket client and a conventional HTTP server.

Why?

Pushpin’s Generic Realtime Intermediary Protocol (GRIP) enables out-of-band message injection into WebSocket connections. Normally, using GRIP with WebSockets requires a WebSocket connection on both sides of the proxy:

Client <--WS--> GRIP Proxy <--WS--> Server

The GRIP Proxy is a publish/subscribe service. When the server has data to send spontaneously, it does not use its WebSocket connection to send the data. Rather, it uses an out-of-band publish command to the proxy (usually via HTTP POST). This means that the WebSocket connection between the proxy and the server is used almost exclusively for servicing incoming requests from the client.

If the communication path between the proxy and the server only needs to handle request/response interactions, then HTTP becomes a viable alternative to a WebSocket:

Client <--WS--> GRIP Proxy <--HTTP--> Server

Using HTTP for communication between the proxy and server may be easier to maintain and scale since HTTP server tools are well established. Plus, if the server is merely doing stateless RPC processing, then HTTP is arguably a respectable choice for this tier in the service.

Of course, the usefulness of this gatewaying is entirely dependent on the server having a way to send data to clients out-of-band. As such, it is recommended that the WebSocket-Over-HTTP protocol be used in combination with GRIP. Note, however, that the WebSocket-Over-HTTP protocol does not explicitly depend on GRIP.

Protocol

The gateway and server exchange WebSocket “events” via HTTP requests and responses. The following events are defined:

  • OPEN - WebSocket negotiation request or acknowledgement.
  • TEXTBINARY - Messages with content.
  • PINGPONG - Ping and pong messages.
  • CLOSE - Close message with 16-bit close code.
  • DISCONNECT - Indicates connection closed uncleanly or does not exist.

Events are encoded in a format similar to HTTP chunked transfer encoding:

TEXT B\r\n
hello world\r\n

The format is the name of the event, a space, the hexidecimal encoding of the content size, a carriage return and newline, the content bytes, and finally another carriage return and newline.

For events with no content, the size and content section can be omitted:

OPEN\r\n

Events with content are TEXT, BINARY, and CLOSE. Events without content are OPEN, PING, PONG, and DISCONNECT.

An event that should not contain content MAY be encoded with content. Receivers should ignore such content. For example, this is legal:

OPEN 0\r\n
\r\n

One or more encoded events are then concatenated and placed in the body of an HTTP request or response, with content type application/websocket-events.

Example

Gateway opens connection:

POST /target HTTP/1.1
Connection-Id: b5ea0e11
Content-Type: application/websocket-events
[... any headers included by the client WebSocket handshake ...] OPEN\r\n

Server accepts connection:

HTTP/1.1 200 OK
Content-Type: application/websocket-events
[... any headers to include in the WebSocket negotiation response ...] OPEN\r\n

Gateway relays message from client:

POST /target HTTP/1.1
Connection-Id: b5ea0e11
Content-Type: application/websocket-events TEXT 5\r\n
hello\r\n

Server responds with two messages:

HTTP/1.1 200 OK
Content-Type: application/websocket-events TEXT 5\r\n
world\r\n
TEXT 1C\r\n
here is another nice message\r\n

Gateway relays a close message:

POST /target HTTP/1.1
Connection-Id: b5ea0e11
Content-Type: application/websocket-events CLOSE 2\r\n
[... binary status code ...]\r\n

Server sends a close message back:

HTTP/1.1 200 OK
Content-Type: application/websocket-events CLOSE 2\r\n
[... binary status code ...]\r\n

State Management

Headers of the initial WebSocket negotiation request MUST be replayed with every request made by the gateway. This means that if the client uses cookies or other headers for authentication purposes, the server will receive this data with every message.

The gateway includes a Connection-Id header which uniquely identifies a particular client connection. Servers that need to track connections can use this. In most cases, though, servers should not have to care about connections.

It is possible to bind metadata to the connection via a Set-Meta-* header. This works similar to a cookie. The server can set a field that the gateway should echo back on all subsequent requests.

For example, a client supplies a cookie which the gateway relays across during connect:

POST /target HTTP/1.1
Connection-Id: b5ea0e11
Content-Type: application/websocket-events
Cookie: [... auth info ...] OPEN\r\n

The server accepts the connection and binds a User field based on the cookie:

HTTP/1.1 200 OK
Content-Type: application/websocket-events
Set-Meta-User: alice OPEN\r\n

Now, any further requests from the gateway will include a Meta-User header:

POST /target HTTP/1.1
Connection-Id: b5ea0e11
Meta-User: alice
Content-Type: application/websocket-events TEXT 5\r\n
hello\r\n

Security note: gateways MUST NOT relay any headers from the client that are prefixed with Meta-. This prevents the client from spoofing metadata bindings. Additionally, the server needs to ensure that an incoming request came from a gateway before trusting its Meta-* headers.

Notes

  • The first request MUST contain an OPEN event as the first event.
  • The first response MUST contain an OPEN event as the first event.
  • If the server tracks connections and no longer considers the connection to exist, it should respond with DISCONNECT. In most cases, servers will not track connections, though.
  • Gateway should only have one outstanding request per client connection. This ensures in-order delivery.
  • DISCONNECT event only sent if connection was not closed cleanly. With clean close, disconnect is implied.
  • Within this protocol alone, the server has no way to talk to the client outside of responding to incoming requests.
  • Gateway can send an empty request to keep-alive the current connection. The gateway shall consider an empty response to be a keep-alive from the server. The server enables keep-alives by providing a Keep-Alive-Interval response header.
 
 
 
 

WebSocket-Over-HTTP Protocol的更多相关文章

  1. spring websocket源码分析

    什么是websocket? 摘录于wiki[1]: WebSocket is a protocol providing full-duplex communication channels over ...

  2. 学习html5的WebSocket连接

    1.什么是WebSocket WebSocket 是一种自然的全双工.双向.单套接字连接.使用WebSocket,你的HTTP 请求变成打开WebSocket 连接(WebSocket 或者WebSo ...

  3. webSocket学习与应用

    非原创,版权归原作者所有http://www.cnblogs.com/shizhouyu/p/4975409.html 1.什么是WebSocket WebSocket 是一种自然的全双工.双向.单套 ...

  4. websocket学习和使用

    1)WebSocket介绍 HTML5 Web Sockets规范定义了Web Sockets API,支持页面使用Web Socket协议与远程主机进行全双工的通信.它引入了WebSocket接口并 ...

  5. 实现WebSocket和WAMP协议的开源库WampSharp

    Websocket Application Messaging Protocol 协议:https://github.com/wamp-proto/wamp-proto 1. 基础档案 引入: WAM ...

  6. WebSocket【转】

    1.什么是WebSocket WebSocket 是一种自然的全双工.双向.单套接字连接.使用WebSocket,你的HTTP 请求变成打开WebSocket 连接(WebSocket 或者WebSo ...

  7. EMQ ---websocket

    简介 近年来随着 Web 前端的快速发展,浏览器新特性层出不穷,越来越多的应用可以在浏览器端或通过浏览器渲染引擎实现,Web 应用的即时通信方式 WebSocket 得到了广泛的应用. WebSock ...

  8. websocket原理和基于c/c++实现的websocket协议栈(更新中)

    参考: 博客1:http://blog.sina.com.cn/s/blog_bf397e780102w25k.html https://www.cnblogs.com/barrywxx/p/7412 ...

  9. HTML5入门总结 HTML5API

    w3cshools  MDN英文  MDN中文 HTML5 HTML5 is the latest evolution of the standard that defines HTML. The t ...

  10. 5 Protocols For Event-Driven API Architectures

    The internet is a system of communication, and as such, the relationship between client and server, ...

随机推荐

  1. linux入门经验之谈

     一. 选择适合自己的linux发行版 谈到linux的发行版本,太多了,可能谁也不能给出一个准确的数字,但是有一点是可以肯定的,linux正在变得越来越流行, 面对这么多的Linux 发行版,打 ...

  2. hdu 1754解题报告 (代码+注释)

      I Hate It Time Limit: 3000MS     Memory Limit: 32768 K Problem Description 很多学校流行一种比较的习惯.老师们很喜欢询问, ...

  3. String 和StringBuffer的简单实用案例

    3.现在有个字符串是按照如下格式保存的:“张三:90|李四:80|王五:100” 显示后的数据如下所示,按不同的人员显示: 姓名:张三,成绩是:90: 姓名:李四,成绩是:90: 姓名:王五,成绩是: ...

  4. 对称加密-java实现

    主要步骤如下: 1.利用SecretKeyFactory.getInstance("加密算法")创建密钥工厂,加密算法如"DES","AES" ...

  5. SharePoint REST API - REST请求导航的数据结构

    博客地址:http://blog.csdn.net/FoxDave 从一个既定的URL获取其他SharePoint资源 当你用SharePoint REST服务进行开发的时候,你经常会从指定的一个 ...

  6. mysql encode decode加密和解密

    加密:模板:insert into user(userpass) values(encode('useerpass','str')) insert into user(userid,username, ...

  7. 2010年腾讯前端面试题学习(js部分)

    看了牛人写的回忆文章,里面有2010年腾讯的前端面试题,里面涉及到不少基础性的问题,学习一下:) 原文地址:https://segmentfault.com/a/1190000012998107 js ...

  8. ubantu 安装redis

    安装Redis服务器端 ~ sudo apt-get install redis-server 安装完成后,Redis服务器会自动启动,我们检查Redis服务器程序 检查Redis服务器系统进程 ~ ...

  9. IDEA如何自动生成testNG的测试报告?

    问:eclipse会在test-output目录下自动生成测试报告,想知道IDEA是只可以在控制台那里点击导出手动生成报告么? 答:编译器选择Edit Configuration,找到测试项,找到Li ...

  10. 【Python】多进程-共享变量(Value、string、list、Array、dict)

    #练习:未使用共享变量 from multiprocessing import Process def f(n, a): n = 3.1415927 for i in range(len(a)): a ...