WebSocket Opening Handshake Messages
How does the WebSocket Opening Handshake work?
WebSocket Opening Handshake starts with the client sends the opening handshake request as an HTTP request message in the following format:
GET /chat HTTP/1.1 Host: server.example.com Upgrade: websocket Connection: Upgrade Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== Origin: http://example.com Sec-WebSocket-Protocol: chat, superchat Sec-WebSocket-Version: 13
What the client is saying here is that: "I am starting with the HTTP protocol first, but I would like to upgrade to WebSocket protocl. Please confirm."
The server needs return the opening handshake response as an HTTP response message in the following format:
HTTP/1.1 101 Switching Protocols Upgrade: websocket Connection: Upgrade Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
What the client is saying here is that: "I agree that we can switch protocol to WebSocket. And I am ready."
An important piece of data in the client request is the "Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==" header line. It provides a handshake key to the server.
The server has to concatenate the key with "58EAFA5-E914-47DA-95CA-C5AB0DC85B11" as "dGhlIHNhbXBsZSBub25jZQ==258EAFA5-E914-47DA-95CA-C5AB0DC85B11". Then hash it with SHA-1 algorithm. The Base64 encodede hash value "s3pPLMBiTxaQ9kYGzzhZRbK+xOo=" needs to be returned to the cliend in the "Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=" header line.
To finish the opening handshake, the client has to verify the hash value received from the server to reduce risks of being attached.
2018-01-27, 496👍, 0💬
tools.jar from JDK 1.6.0_02. JAR File Size and Download Location: File name: tools.jar File size: 12...
What Is commons-logging-1.0.4.ja r?commons-logging-1.0.4.ja ris the JAR file for Apache Commons Logg...
What Is jaxb-api-2.1.6.jar? Java Architecture for XML Binding (JAXB) is a Java API that allows Java ...
JAXP (Java API for XML Processing) API, Release 1.4.2, is the reference implementation of the JAXP s...
Apache Axis2 is the core engine for Web services. It is a complete re-design and re-write of the wid...