1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<TITLE> [99s-extend] websocket over ssl
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:extend%40lists.ninenines.eu?Subject=Re%3A%20%5B99s-extend%5D%20websocket%20over%20ssl&In-Reply-To=%3C54B13550.5050504%40ninenines.eu%3E">
<META NAME="robots" CONTENT="index,nofollow">
<style type="text/css">
pre {
white-space: pre-wrap; /* css-2.1, curent FF, Opera, Safari */
}
</style>
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000484.html">
<LINK REL="Next" HREF="000486.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[99s-extend] websocket over ssl</H1>
<B>Loïc Hoguin</B>
<A HREF="mailto:extend%40lists.ninenines.eu?Subject=Re%3A%20%5B99s-extend%5D%20websocket%20over%20ssl&In-Reply-To=%3C54B13550.5050504%40ninenines.eu%3E"
TITLE="[99s-extend] websocket over ssl">essen at ninenines.eu
</A><BR>
<I>Sat Jan 10 15:21:04 CET 2015</I>
<P><UL>
<LI>Previous message: <A HREF="000484.html">[99s-extend] websocket over ssl
</A></li>
<LI>Next message: <A HREF="000486.html">[99s-extend] websocket over ssl
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#485">[ date ]</a>
<a href="thread.html#485">[ thread ]</a>
<a href="subject.html#485">[ subject ]</a>
<a href="author.html#485">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>Assuming you have no problem understanding HTTPS, the only differences
between plain Websocket and HTTPS Websocket are as follow:
In your browser, your <A HREF="ws://">ws://</A> links become <A HREF="wss://">wss://</A> links.
In Cowboy, use start_https instead of start_http. There is no change
required in your code otherwise.
It may or may not be possible to use <A HREF="wss://">wss://</A> from an HTTP page or <A HREF="ws://">ws://</A>
from an HTTPS page, I'm not too up to date on that one. Otherwise, <A HREF="ws://">ws://</A>
from HTTP page or <A HREF="wss://">wss://</A> from HTTPS page works as intended.
There is no requirement that a Websocket connection is initiated on a
new TCP connection. I am not sure if browsers reuse connections or not.
On 01/10/2015 02:55 PM, <A HREF="https://lists.ninenines.eu/listinfo/extend">e at bestmx.net</A> wrote:
><i> Hello all.
</I>><i>
</I>><i> I am trying to alter my cowboy-based websocket server from plain to SSL
</I>><i> connection.
</I>><i> And I found out that I have failed to understand very basics of the
</I>><i> combination of WS and SSL.
</I>><i>
</I>><i> As far as i've understood the very nature of the WS it is a bit altered
</I>><i> http connection (i open the http connection first, and then i change its
</I>><i> status to WS)
</I>><i>
</I>><i> On the other hand the whole "HTTP story" could be wrapped into SSL, so
</I>><i> that SSL is an outer layer of data encoding (as seen transparent by an
</I>><i> application)
</I>><i>
</I>><i> thus,
</I>><i> if I open HTTPS connection (which implies SSL enveloping) and then alter
</I>><i> the connection status to WS, the whole "WS story" appears naturally
</I>><i> INSIDE THE PREVIOUSLY ESTABLISHED SSL CONNECTION.
</I>><i>
</I>><i> Is it true?
</I>><i>
</I>><i> In this regard i can hardly find a place in this world for the "WSS"
</I>><i> term, what does it stand for?
</I>><i>
</I>><i> Please, help me fit it in my head.
</I>><i>
</I>><i> However, i might be confusing some Client-Side entities, that are
</I>><i> involved in the process of starting up my WebSocket.
</I>><i>
</I>><i> I am using a Browser with JavaScript.
</I>><i>
</I>><i> The semantics of the very WebSocket.start() operation is not enough
</I>><i> clear to me. Please, do not laugh.
</I>><i>
</I>><i> when i do JS WebSocket.start() does it:
</I>><i> (a) opens an http connection and then alters it to WS
</I>><i> (b) alters the connection in the context of which the JS process is running
</I>><i> ????
</I>><i>
</I>><i> I'll be damned if the answer was lying on the surface of the internet!
</I>><i>
</I>><i> The third part of this ugly question is about cowboy actually.
</I>><i> How all these entities mentioned above do map into my_app.erl file?
</I>><i> what particular bits of cowboy's "configuration" (may i call this
</I>><i> particular piece of code a "setup" or "config"?) affect what aspects of
</I>><i> the connection initialization.
</I>><i>
</I>><i> well, i am afraid it could be put in a simpler way:
</I>><i> "Exactly When and Where the WSS story begins?"
</I>><i>
</I>><i> _______________________________________________
</I>><i> Extend mailing list
</I>><i> <A HREF="https://lists.ninenines.eu/listinfo/extend">Extend at lists.ninenines.eu</A>
</I>><i> <A HREF="https://lists.ninenines.eu/listinfo/extend">https://lists.ninenines.eu/listinfo/extend</A>
</I>
--
Loïc Hoguin
<A HREF="http://ninenines.eu">http://ninenines.eu</A>
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="000484.html">[99s-extend] websocket over ssl
</A></li>
<LI>Next message: <A HREF="000486.html">[99s-extend] websocket over ssl
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#485">[ date ]</a>
<a href="thread.html#485">[ thread ]</a>
<a href="subject.html#485">[ subject ]</a>
<a href="author.html#485">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://lists.ninenines.eu/listinfo/extend">More information about the Extend
mailing list</a><br>
</body></html>
|