SlideShare ist ein Scribd-Unternehmen logo
1 von 10
WebSockets
By Bodo Kaiser
Preface
Specs
Response
Request Request
Socket
Upgrade I
Request Response
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept <accept>
Sec-WebSocket-Protocol: <prot1>
GET /<endpoint> HTTP 1.1
Host: example.org
Upgrade: websocket
Connection: Upgrade
Origin: example.org
Sec-WebSocket-Accept <key>
Sec-WebSocket-Version: 13
Sec-WebSocket-Protocol: <prot1>
Upgrade II
Key
dGhlIHNhbXBsZSBub25jZQ==
GUID
258EAFA5-E914-47DA-95CA-C5AB0DC85B11
Concat
Hash
sha1
Encode
base64
Accept
s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
Frame I
Head Payload
RSV, Opcode
1 Byte
Masked, Length I
1 Byte
Length II
2 Byte
Masking
4 Byte
Length III
8 Byte
Opcodes: Continuation (0x00), Text (0x01), Binary (0x02), Close (0x08), Ping (0x09), Pong (0x0a)
Frame II
Length
7 Bit
Length I
< 0x7e
Length II
= 0x7e
Length III
= 0x7f
Masked
for (var i = 0; i < b.length; i++) {
b[i] = b[i] ^ m[i % 4]
}
Streams
function Incoming() {
Transform.call(this)
}
Inherits(Incoming, Transform)
Transform.prototype._read = function(chunk, encoding, callback) {
if (!this.header) {
// parse head
}
if (this.header.masked) {
// unmask payload
}
callback(null, chunk)
}
Experience
Thank You
Bodo Kaiser <i@bodokaiser.io>

Weitere ähnliche Inhalte

Was ist angesagt?

Squid Proxy Server
Squid Proxy ServerSquid Proxy Server
Squid Proxy Server13bcs0012
 
Mobile Programming - Network Universitas Budi Luhur
Mobile Programming - Network Universitas Budi LuhurMobile Programming - Network Universitas Budi Luhur
Mobile Programming - Network Universitas Budi LuhurRiza Fahmi
 
[OpenTRS-001] ooops
[OpenTRS-001] ooops[OpenTRS-001] ooops
[OpenTRS-001] ooopsTheori
 
Mobile Programming - 3 UDP
Mobile Programming - 3 UDPMobile Programming - 3 UDP
Mobile Programming - 3 UDPRiza Fahmi
 
Lamp configuration u buntu 10.04
Lamp configuration   u buntu 10.04Lamp configuration   u buntu 10.04
Lamp configuration u buntu 10.04mikehie
 
Connecting to the network
Connecting to the networkConnecting to the network
Connecting to the networkMu Chun Wang
 
Installing spark 2
Installing spark 2Installing spark 2
Installing spark 2Ahmed Mekawy
 
The Magic of Hot Streaming Replication, Bruce Momjian
The Magic of Hot Streaming Replication, Bruce MomjianThe Magic of Hot Streaming Replication, Bruce Momjian
The Magic of Hot Streaming Replication, Bruce MomjianFuenteovejuna
 
Project on squid proxy in rhel 6
Project on squid proxy in rhel 6Project on squid proxy in rhel 6
Project on squid proxy in rhel 6Nutan Kumar Panda
 
10 techniques from hacking labs1.3 miss confsp4
10 techniques from hacking labs1.3 miss confsp410 techniques from hacking labs1.3 miss confsp4
10 techniques from hacking labs1.3 miss confsp4Manich Koomsusi
 
Squid Caching for Web Content Accerlation
Squid Caching for Web Content AccerlationSquid Caching for Web Content Accerlation
Squid Caching for Web Content Accerlationrahul8590
 
Squid proxy server
Squid proxy serverSquid proxy server
Squid proxy serverGreen Jb
 
Безопасность интернет-приложений осень 2013 лекция 7
Безопасность интернет-приложений осень 2013 лекция 7Безопасность интернет-приложений осень 2013 лекция 7
Безопасность интернет-приложений осень 2013 лекция 7Technopark
 

Was ist angesagt? (20)

Squid server
Squid serverSquid server
Squid server
 
Squid Proxy Server
Squid Proxy ServerSquid Proxy Server
Squid Proxy Server
 
Mobile Programming - Network Universitas Budi Luhur
Mobile Programming - Network Universitas Budi LuhurMobile Programming - Network Universitas Budi Luhur
Mobile Programming - Network Universitas Budi Luhur
 
Qtree
QtreeQtree
Qtree
 
[OpenTRS-001] ooops
[OpenTRS-001] ooops[OpenTRS-001] ooops
[OpenTRS-001] ooops
 
Mobile Programming - 3 UDP
Mobile Programming - 3 UDPMobile Programming - 3 UDP
Mobile Programming - 3 UDP
 
Haproxy - zastosowania
Haproxy - zastosowaniaHaproxy - zastosowania
Haproxy - zastosowania
 
Lamp configuration u buntu 10.04
Lamp configuration   u buntu 10.04Lamp configuration   u buntu 10.04
Lamp configuration u buntu 10.04
 
Squid
SquidSquid
Squid
 
Puppet
PuppetPuppet
Puppet
 
Connecting to the network
Connecting to the networkConnecting to the network
Connecting to the network
 
Installing spark 2
Installing spark 2Installing spark 2
Installing spark 2
 
The Magic of Hot Streaming Replication, Bruce Momjian
The Magic of Hot Streaming Replication, Bruce MomjianThe Magic of Hot Streaming Replication, Bruce Momjian
The Magic of Hot Streaming Replication, Bruce Momjian
 
L'odyssée de la log
L'odyssée de la logL'odyssée de la log
L'odyssée de la log
 
Project on squid proxy in rhel 6
Project on squid proxy in rhel 6Project on squid proxy in rhel 6
Project on squid proxy in rhel 6
 
10 techniques from hacking labs1.3 miss confsp4
10 techniques from hacking labs1.3 miss confsp410 techniques from hacking labs1.3 miss confsp4
10 techniques from hacking labs1.3 miss confsp4
 
Squid
SquidSquid
Squid
 
Squid Caching for Web Content Accerlation
Squid Caching for Web Content AccerlationSquid Caching for Web Content Accerlation
Squid Caching for Web Content Accerlation
 
Squid proxy server
Squid proxy serverSquid proxy server
Squid proxy server
 
Безопасность интернет-приложений осень 2013 лекция 7
Безопасность интернет-приложений осень 2013 лекция 7Безопасность интернет-приложений осень 2013 лекция 7
Безопасность интернет-приложений осень 2013 лекция 7
 

Ähnlich wie Web sockets

HTTP logging met Varnishlog - PHPWVL 2022
HTTP logging met Varnishlog - PHPWVL 2022HTTP logging met Varnishlog - PHPWVL 2022
HTTP logging met Varnishlog - PHPWVL 2022Thijs Feryn
 
Websocket protocol overview
Websocket protocol overviewWebsocket protocol overview
Websocket protocol overviewallenmeng
 
Rpi python web
Rpi python webRpi python web
Rpi python websewoo lee
 
Jetty 9 – The Next Generation Servlet Container
Jetty 9 – The Next Generation Servlet ContainerJetty 9 – The Next Generation Servlet Container
Jetty 9 – The Next Generation Servlet ContainerCodemotion
 
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...Ontico
 
Стек Linux HTTPS/TCP/IP для защиты от HTTP-DDoS-атак
Стек Linux HTTPS/TCP/IP для защиты от HTTP-DDoS-атакСтек Linux HTTPS/TCP/IP для защиты от HTTP-DDoS-атак
Стек Linux HTTPS/TCP/IP для защиты от HTTP-DDoS-атакPositive Hack Days
 
HTTP and 5G (fixed1)
HTTP and 5G (fixed1)HTTP and 5G (fixed1)
HTTP and 5G (fixed1)dynamis
 
DEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacksDEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacksFelipe Prado
 
Realizzare applicazioni Web con WebSocket, by Simone Bordet
Realizzare applicazioni Web con WebSocket, by Simone BordetRealizzare applicazioni Web con WebSocket, by Simone Bordet
Realizzare applicazioni Web con WebSocket, by Simone BordetCodemotion
 
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 eraHTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 erapeychevi
 
Technical Overview of QUIC
Technical  Overview of QUICTechnical  Overview of QUIC
Technical Overview of QUICshigeki_ohtsu
 
WebSockets On Fire
WebSockets On FireWebSockets On Fire
WebSockets On FireJef Claes
 
HTTP2:新的机遇与挑战
HTTP2:新的机遇与挑战HTTP2:新的机遇与挑战
HTTP2:新的机遇与挑战Jerry Qu
 
Implementing Early Hints in Chrome - Approaches and Challenges
Implementing Early Hints in Chrome - Approaches and ChallengesImplementing Early Hints in Chrome - Approaches and Challenges
Implementing Early Hints in Chrome - Approaches and ChallengesViet-Hoang Tran
 
Node.js Socket.IO
Node.js  Socket.IONode.js  Socket.IO
Node.js Socket.IOEyal Vardi
 

Ähnlich wie Web sockets (20)

Web Sockets - HTML5
Web Sockets - HTML5Web Sockets - HTML5
Web Sockets - HTML5
 
Http2 kotlin
Http2   kotlinHttp2   kotlin
Http2 kotlin
 
HTTP logging met Varnishlog - PHPWVL 2022
HTTP logging met Varnishlog - PHPWVL 2022HTTP logging met Varnishlog - PHPWVL 2022
HTTP logging met Varnishlog - PHPWVL 2022
 
Websocket protocol overview
Websocket protocol overviewWebsocket protocol overview
Websocket protocol overview
 
Router と WebSocket
Router と WebSocketRouter と WebSocket
Router と WebSocket
 
Rpi python web
Rpi python webRpi python web
Rpi python web
 
Jetty 9 – The Next Generation Servlet Container
Jetty 9 – The Next Generation Servlet ContainerJetty 9 – The Next Generation Servlet Container
Jetty 9 – The Next Generation Servlet Container
 
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
Проксирование HTTP-запросов web-акселератором / Александр Крижановский (Tempe...
 
HTTP
HTTPHTTP
HTTP
 
111214 node conf
111214 node conf111214 node conf
111214 node conf
 
Стек Linux HTTPS/TCP/IP для защиты от HTTP-DDoS-атак
Стек Linux HTTPS/TCP/IP для защиты от HTTP-DDoS-атакСтек Linux HTTPS/TCP/IP для защиты от HTTP-DDoS-атак
Стек Linux HTTPS/TCP/IP для защиты от HTTP-DDoS-атак
 
HTTP and 5G (fixed1)
HTTP and 5G (fixed1)HTTP and 5G (fixed1)
HTTP and 5G (fixed1)
 
DEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacksDEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacks
 
Realizzare applicazioni Web con WebSocket, by Simone Bordet
Realizzare applicazioni Web con WebSocket, by Simone BordetRealizzare applicazioni Web con WebSocket, by Simone Bordet
Realizzare applicazioni Web con WebSocket, by Simone Bordet
 
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 eraHTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
HTTP/2 and QUICK protocols. Optimizing the Web stack for HTTP/2 era
 
Technical Overview of QUIC
Technical  Overview of QUICTechnical  Overview of QUIC
Technical Overview of QUIC
 
WebSockets On Fire
WebSockets On FireWebSockets On Fire
WebSockets On Fire
 
HTTP2:新的机遇与挑战
HTTP2:新的机遇与挑战HTTP2:新的机遇与挑战
HTTP2:新的机遇与挑战
 
Implementing Early Hints in Chrome - Approaches and Challenges
Implementing Early Hints in Chrome - Approaches and ChallengesImplementing Early Hints in Chrome - Approaches and Challenges
Implementing Early Hints in Chrome - Approaches and Challenges
 
Node.js Socket.IO
Node.js  Socket.IONode.js  Socket.IO
Node.js Socket.IO
 

Kürzlich hochgeladen

Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Exploring ChatGPT Prompt Hacks To Maximally Optimise Your Queries
Exploring ChatGPT Prompt Hacks To Maximally Optimise Your QueriesExploring ChatGPT Prompt Hacks To Maximally Optimise Your Queries
Exploring ChatGPT Prompt Hacks To Maximally Optimise Your QueriesSanjay Willie
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Visualising and forecasting stocks using Dash
Visualising and forecasting stocks using DashVisualising and forecasting stocks using Dash
Visualising and forecasting stocks using Dashnarutouzumaki53779
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 

Kürzlich hochgeladen (20)

Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Exploring ChatGPT Prompt Hacks To Maximally Optimise Your Queries
Exploring ChatGPT Prompt Hacks To Maximally Optimise Your QueriesExploring ChatGPT Prompt Hacks To Maximally Optimise Your Queries
Exploring ChatGPT Prompt Hacks To Maximally Optimise Your Queries
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Visualising and forecasting stocks using Dash
Visualising and forecasting stocks using DashVisualising and forecasting stocks using Dash
Visualising and forecasting stocks using Dash
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 

Web sockets