May/Should WebSocket use HttpOnly cookie while Handshaking?<div>I think it would be useful to use HttpOnly cookie on WebSocket so that we could authenticate the WebSocket connection by the auth token cookie which might be HttpOnly for security reason.<br>
<div><br></div><div><a href="http://www.ietf.org/id/draft-ietf-httpstate-cookie-02.txt">http://www.ietf.org/id/draft-ietf-httpstate-cookie-02.txt</a></div><div><br></div><div>-- </div><div>ukai</div><div><br></div></div>