[99s-extend] websocket over ssl

Loïc Hoguin essen at ninenines.eu
Sat Jan 10 15:21:04 CET 2015


Assuming you have no problem understanding HTTPS, the only differences 
between plain Websocket and HTTPS Websocket are as follow:

In your browser, your ws:// links become wss:// links.

In Cowboy, use start_https instead of start_http. There is no change 
required in your code otherwise.

It may or may not be possible to use wss:// from an HTTP page or ws:// 
from an HTTPS page, I'm not too up to date on that one. Otherwise, ws:// 
from HTTP page or wss:// from HTTPS page works as intended.

There is no requirement that a Websocket connection is initiated on a 
new TCP connection. I am not sure if browsers reuse connections or not.

On 01/10/2015 02:55 PM, e at bestmx.net wrote:
> Hello all.
>
> I am trying to alter my cowboy-based websocket server from plain to SSL
> connection.
> And I found out that I have failed to understand very basics of the
> combination of WS and SSL.
>
> As far as i've understood the very nature of the WS it is a bit altered
> http connection (i open the http connection first, and then i change its
> status to WS)
>
> On the other hand the whole "HTTP story" could be wrapped into SSL, so
> that SSL is an outer layer of data encoding (as seen transparent by an
> application)
>
> thus,
> if I open HTTPS connection (which implies SSL enveloping) and then alter
> the connection status to WS, the whole "WS story" appears naturally
> INSIDE THE PREVIOUSLY ESTABLISHED SSL CONNECTION.
>
> Is it true?
>
> In this regard i can hardly find a place in this world for the "WSS"
> term, what does it stand for?
>
> Please, help me fit it in my head.
>
> However, i might be confusing some Client-Side entities, that are
> involved in the process of starting up my WebSocket.
>
> I am using a Browser with JavaScript.
>
> The semantics of the very WebSocket.start() operation is not enough
> clear to me. Please, do not laugh.
>
> when i do JS WebSocket.start() does it:
> (a) opens an http connection and then alters it to WS
> (b) alters the connection in the context of which the JS process is running
> ????
>
> I'll be damned if the answer was lying on the surface of the internet!
>
> The third part of this ugly question is about cowboy actually.
> How all these entities mentioned above do map into my_app.erl file?
> what particular bits of cowboy's "configuration" (may i call this
> particular piece of code a "setup" or "config"?) affect what aspects of
> the connection initialization.
>
> well, i am afraid it could be put in a simpler way:
> "Exactly When and Where the WSS story begins?"
>
> _______________________________________________
> Extend mailing list
> Extend at lists.ninenines.eu
> https://lists.ninenines.eu/listinfo/extend

-- 
Loïc Hoguin
http://ninenines.eu


More information about the Extend mailing list