New WebSocket Protocol: Secure and Extensible

Monday, August 01, 2011

Labels:

The WebSocket protocol specification is now largely stable, having solved previous security concerns. As such, we’ve updated Chromium to support the latest version (draft-ietf-hybi-thewebsocketprotocol-10) on the dev channel (14.0.835.2). Given that the specification is now in “last-call” and and no further breaking changes are expected, it should now be safe to use WebSockets for production application development.

Please note that the new protocol is incompatible with one which Chromium previously supported (draft-ietf-hybi-thewebsocketprotocol-00), so existing WebSocket-based services may break. Please upgrade your servers to ones which support HyBi 10. Existing JavaScript code still works once the protocol version used by the browser and server match.

The new protocol introduces some exciting new features like binary message support and compression support, but these are not quite ready yet in Chrome and will come shortly - hang tight!

See the specs and discussion at W3C and WHATWG (spec, whatwg list) and IETF (spec, HyBi list) for more detail about the new protocol.

We’re more than happy to hear your feedback, and encourage you to file any bugs you find on our issue tracker.

Post a Comment