[whatwg] web-apps - TCPConnection
Ian Hickson
ian at hixie.ch
Wed Oct 26 11:12:21 PDT 2005
On Mon, 17 Oct 2005, Michael Gratton wrote:
>
> On Mon, 2005-10-17 at 05:27 +0000, Ian Hickson wrote:
> > It's not intended to use port 80 only; where does it say that? That's
> > an error. It is intended to be usable on ports 80, 443, and anything
> > greater than 1024. (80 and 443 to attempt to tunnel out of psychotic
> > firewalls, [...])
>
> ObFirewallsExistForAReasonRant: But then you are trying to subvert the
> entire point of the firewall in the first place, which is just going to
> annoy network admins. If they don't already have a proxy in place they
> will put one in pretty quick. XML-RPC and SOAP constitute similar
> annoyances.
Even if they do, since this protocol supports being carried over SSL and
since it supports being sent over port 443, you can still get out. :-)
What reason is there to prevent Web pages from making out-going
TCPConnections, if they are allowed to make outgoing HTTP connections,
given that you can always, if you try hard enough, implement one by using
the other?
> I would suggest the spec should just require all connections be made on
> ports above 1024. It will make it clear to people behind a firewall that
> they will need to get a hole made to use the web app and avoids the
> problem with transparent proxies.
This would basically kill this feature, since Web sites wouldn't use
something that they can't guarentee will be able to get out.
--
Ian Hickson U+1047E )\._.,--....,'``. fL
http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
More information about the whatwg
mailing list