Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What does "258EAFA5-E914-47DA-95CA-C5AB0DC85B11" means in WebSocket Protocol

Tags:

guid

websocket

magic-string

I don't understand the meaning of "258EAFA5-E914-47DA-95CA-C5AB0DC85B11" in RFC 6455. Why does the server need this magic string? And why does the WebSocket protocol need this mechanism?

like image 705
Hakju Oh Avatar asked Nov 19 '12 14:11

Hakju Oh

People also ask

What protocol does WebSocket use?

The WebSocket protocol is an independent TCP-based protocol. Its only relationship to HTTP is that its handshake is interpreted by HTTP servers as an Upgrade request. By default the WebSocket protocol uses port 80 for regular WebSocket connections and port 443 for WebSocket connections tunneled over TLS [RFC2818].

How does a WebSocket protocol work?

WebSocket uses a unified TCP connection and needs one party to terminate the connection. Until it happens, the connection remains active. HTTP needs to build a distinct connection for separate requests. Once the request is completed, the connection breaks automatically.

What is Ping and Pong in WebSocket?

A ping or pong is just a regular frame, but it's a control frame. Pings have an opcode of 0x9 , and pongs have an opcode of 0xA . When you get a ping, send back a pong with the exact same Payload Data as the ping (for pings and pongs, the max payload length is 125).

What is WebSocket key?

The |Sec-WebSocket-Key| header field is used in the WebSocket opening handshake. It is sent from the client to the server to provide part of the information used by the server to prove that it received a valid WebSocket opening handshake.

2 Answers

The RFC explains it. It is a GUID, selected because it is "unlikely to be used by network endpoints that do not understand the WebSocket Protocol". See RFC 6455.

If you're interested in the specifics of the format for GUIDs like that, see RFC 4122.

like image 195
David Schwartz Avatar answered Oct 02 '22 17:10

David Schwartz

From the Quora answer:

There is no reason for choosing the magic string. The particular magic string GUID was chosen to add some level of integrity to the WebSockets protocol, because the string is globally unique.

The RFC (RFC 6455 - The WebSocket Protocol) only says:

...concatenate this with the Globally Unique Identifier (GUID, [RFC4122]) "258EAFA5-E914-47DA-95CA-C5AB0DC85B11" in string form, which is unlikely to be used by network endpoints that do not understand the WebSocket Protocol.

Hope that answers your question.

like image 26
chaudharyp Avatar answered Oct 02 '22 16:10

chaudharyp
Sign in to Comment

Related questions

What technology does Google Drive use to get real-time updates?
Setting up a websocket on Apache?
Web sockets make ajax/CORS obsolete?
How to read websocket response in linux shell
How to Create Secure(TLS/SSL) Websocket Server
How to use Tomcat 8 in Eclipse?
Path variables in Spring WebSockets @SendTo mapping
Socket.io 1.x: use WebSockets only?
HTML5 websockets: max number of open connections?
Are WebSockets suitable for real-time multiplayer games?
WebRTC and Websockets. Is there a difference
are websockets secure or not?
Socket.IO Connected User Count
disadvantages of websockets
Is there a WebSocket client implemented for .NET? [closed]
What is Sec-WebSocket-Key for?
WebSocket on IE10 giving a SecurityError
How to reconnect to websocket after close connection [duplicate]
"websocket was interrupted while page is loading" on Firefox for Socket.io
Chrome 59+ websocket frames no longer visible in DevTools

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!