WebSocket Opening Handshake Messages
How does the WebSocket Opening Handshake work?
WebSocket Opening Handshake starts with the client sends the opening handshake request as an HTTP request message in the following format:
GET /chat HTTP/1.1 Host: server.example.com Upgrade: websocket Connection: Upgrade Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== Origin: http://example.com Sec-WebSocket-Protocol: chat, superchat Sec-WebSocket-Version: 13
What the client is saying here is that: "I am starting with the HTTP protocol first, but I would like to upgrade to WebSocket protocl. Please confirm."
The server needs return the opening handshake response as an HTTP response message in the following format:
HTTP/1.1 101 Switching Protocols Upgrade: websocket Connection: Upgrade Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
What the client is saying here is that: "I agree that we can switch protocol to WebSocket. And I am ready."
An important piece of data in the client request is the "Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==" header line. It provides a handshake key to the server.
The server has to concatenate the key with "58EAFA5-E914-47DA-95CA-C5AB0DC85B11" as "dGhlIHNhbXBsZSBub25jZQ==258EAFA5-E914-47DA-95CA-C5AB0DC85B11". Then hash it with SHA-1 algorithm. The Base64 encodede hash value "s3pPLMBiTxaQ9kYGzzhZRbK+xOo=" needs to be returned to the cliend in the "Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=" header line.
To finish the opening handshake, the client has to verify the hash value received from the server to reduce risks of being attached.
2018-01-27, 756👍, 0💬
What Is commons-lang3-3.1.jar? commons-lang3-3.1.jar is the JAR file for Apache Commons Lang 3.1, wh...
Jetty provides an HTTP server, HTTP client, and javax.servlet container. These components are open s...
JRE 8 rt.jar is the JAR file for JRE 8 RT (Runtime) libraries. JRE (Java Runtime) 8 is the runtime e...
JLayer is a library that decodes/plays/converts MPEG 1/2/2.5 Layer 1/2/3 (i.e. MP3) in real time for...
Joda-Time provides a quality replacement for the Java date and time classes. The design allows for m...