International Journal of Computer Applications |
Foundation of Computer Science (FCS), NY, USA |
Volume 82 - Number 6 |
Year of Publication: 2013 |
Authors: Achin Kulshrestha |
10.5120/14119-2221 |
Achin Kulshrestha . An Empirical study of HTML5 Websockets and their Cross Browser behavior for Mixed Content and Untrusted Certificates. International Journal of Computer Applications. 82, 6 ( November 2013), 13-18. DOI=10.5120/14119-2221
Websockets allow a full duplex connection to be made over a single socket between the client and the server. Today, Websockets is a finished standard and has greatly helped modern web applications to achieve real time communication without any overhead of sending HTTP headers with every request. This research provides an overview of the Websocket protocol and API, and focuses on the state of Websocket security. The research also aims to explicate behavior of different browser implementations of Websockets when delivering mixed content (ws/https) and the browser response when an untrusted certificate is encountered while making a secure Websocket connection. The crux of this paper is to analyze at the grassroots security concerns pertaining to Websockets and discuss best practices for secure deployment.