tags:

views:

877

answers:

3
+4  Q: 

Will html5 websockets be crippled by firewalls?

I'm extremely excited about html5's websockets spec but I have a concern.

These days everyone is operating off of some network, with routers (wired/wireless) that have built in firewalls, windows has a built in firewall too.

With that in mind when the server attempts to connect back to the browser that started the websocket handshake will it fail for the vast majority of users? (most people have no idea how to set up port forwarding on their routers)

Or is my thinking incorrect and it will go through fine?

+2  A: 

I'm not an expert (so please check to confirm) but I beleive there will be an UPGRADE mechanism where a regular HTTP connection can be made, then upgraded to a WebSocket, so no existing firewall rules interfere unless they are doing aggressive application level packet inspection. Connections are still initiated by the browser.

Mark Renouf  2009-12-28 04:29:41
I believe you're right, the whole protocol is effectively an extension of HTTP so all the traffic goes over port 80
teepark  2009-12-28 04:32:47
Any firewall that does statefull packet inspection will drop WebSocket traffic. After the upgrade - it's not HTTP anymore.
Brian Dilley  2010-10-18 21:35:59
+2  A: 

HTML 5 WebSockets don't require port forwarding. Connections continue to be established from the client, but the client and server swap roles once the connection is established (TCP is a symmetric protocol after establishment). WebSockets also punch through proxies by using the same CONNECT model that HTTPS uses today.

Marcelo Cantos  2009-12-28 04:32:53
+1  A: 

Since firewalls typically simply enforce the rules for inbound traffic rejection and outbound traffic routing (usually through the proxy server), there usually are no specific WebSocket traffic-related firewall concerns.

Proxy servers (and to some extent, certain load balancing routers as well) are a different matter though (See http://stackoverflow.com/questions/2201317/why-dont-current-websocket-client-implementations-support-proxies/2291377#2291377)

Peter Lubbers  2010-02-18 20:12:56

related questions

How do I get the external IP of a socket in Python?
How Do Sockets Work in C?
How do you send and receive UDP packets in Java on a multihomed machine?
Can't Re-bind a socket to an existing IP/Port Combination
Reading from a socket in C#
Sockets and Processes in Java
Stream data (such as music) using PHP (or another language)
How to forcibly close a socket in TIME_WAIT?
How do I make persistent network sockets on Unix in Ruby?
What's the idiomatic way to do async socket programming in Delphi?
How do you minimize the number of threads used in a tcp server application?
WSACancelBlockingCall exception
C# Performance For Proxy Server (vs C++)
How to get your own (local) IP-Address from an udp-socket (C/C++)
Free Network Monitor
Reconnect logic with connectivity notifications
Maximum buffer length for sendto?
Configure a Java Socket to fail-fast on disconnect?
Sockets in Pascal
Firefox plugin - sockets
How can I determine the IP of my router/gateway in Java?
ActionScript 3.0 sockets can't reconnect
Reverse DNS in Ruby?
Asynchronous multi-direction server-client communication over the same open socket?
How to use the C socket API in C++ on z/OS