[html5] r4269 - [e] (0) Add a note explaining why the connection might get dropped after a minim [...]

whatwg at whatwg.org whatwg at whatwg.org
Wed Oct 21 16:53:18 PDT 2009 

Author: ianh
Date: 2009-10-21 16:53:16 -0700 (Wed, 21 Oct 2009)
New Revision: 4269

Modified:
   complete.html
   source
Log:
[e] (0) Add a note explaining why the connection might get dropped after a minimal handshake.

Modified: complete.html
===================================================================
--- complete.html	2009-10-21 23:46:01 UTC (rev 4268)
+++ complete.html	2009-10-21 23:53:16 UTC (rev 4269)
@@ -67368,7 +67368,13 @@
 
   <p>If the connection isn't dropped at this point, go to the <a href=#ws-sd-framing>data framing</a> section.</p>
 
+  <p class=note>User agents will drop the connection after the
+  handshake if the values returned for <code title="">WebSocket-Origin</code> and <code title="">WebSocket-Location</code> don't match what the client sent
+  to the server, to protect the server from third-party scripts. This
+  is why the server has to send these strings: to confirm which
+  origins and URLs the server is willing to service.</p>
 
+
   <h6 id=handshake-details><span class=secno>10.3.4.4.2 </span>Handshake details</h6>
 
   <p>The previous section ignores the data that is transmitted by the

Modified: source
===================================================================
--- source	2009-10-21 23:46:01 UTC (rev 4268)
+++ source	2009-10-21 23:53:16 UTC (rev 4269)
@@ -75718,7 +75718,15 @@
   <p>If the connection isn't dropped at this point, go to the <a
   href="#ws-sd-framing">data framing</a> section.</p>
 
+  <p class="note">User agents will drop the connection after the
+  handshake if the values returned for <code
+  title="">WebSocket-Origin</code> and <code
+  title="">WebSocket-Location</code> don't match what the client sent
+  to the server, to protect the server from third-party scripts. This
+  is why the server has to send these strings: to confirm which
+  origins and URLs the server is willing to service.</p>
 
+
   <h6>Handshake details</h6>
 
   <p>The previous section ignores the data that is transmitted by the

More information about the Commit-Watchers mailing list