[LINK] WebSockets
Greg Taylor
gtefa at internode.on.net
Wed Mar 30 13:37:27 AEDT 2011
This is worth viewing:
http://www.xtranormal.com/watch/7991991/
On 2011/03/29 8:05 PM, rene wrote:
> [...]
> Apparently late last year, due to security issues in WebSockets protocol,
> various browsers including Firefox and Opera disabled default support,
> which resulted in web pages about how to re-enable support. Doing the
> opposite, ie. in terms of ticking/unticking a box or changing a true/false
> field, will disable Websockets:
>
> http://techdows.com/2010/12/enable-websockets-in-opera-11.html
> http://techdows.com/2010/12/turn-on-websockets-in-firefox-4.html
>
> I've no idea whether the security issues have been resolved, nor what the
> default state of enablement is in various browsers. Nor do I know whether
> Websockets can be disabled in IE or anything else.
>
> I knew about Opera because when I install a new version I typically look
> through the "config" local page for new stuff that I might not want. Since
> Firefox and Opera quite often have similar enable/disable options in the
> "config" page, I guessed Firefox may, and looked for that. Haven't bothered
> to search for whether any browser enables disablement.
>
I've tried to find out more about the current status of the security
issues, but I've been unsuccessful.
What we seem to have here is an immature HTML5 feature, and an unsettled
protocol specification, being released in production versions of various
browsers so that developers can play with it, amid confusion about
whether the feature is enabled or disabled by default in some browser
versions.
Quite apart from concerns about pushed content, it would seem prudent to
disable WebSockets until there is clarification about the status of the
security issues.
Greg
More information about the Link
mailing list