[whatwg] HttpOnly cookie for WebSocket?
salvatore.loreto at ericsson.com
Thu Jan 28 00:38:04 PST 2010
a new IETF wg has been formed to take care of WebSocket protocol
So, this issue is something it should be discussed there
(btw I am forwdard it to the HyBi ml)
N.B. to subscribe to the HyBi ml: https://www.ietf.org/mailman/listinfo/hybi
A new IETF working group has been formed in the Applications Area.
> For additional information, please contact the Area Directors or the
> WG Chairs.
> BiDirectional or Server-Initiated HTTP (hybi)
On 01/28/2010 10:12 AM, Fumitoshi Ukai (鵜飼文敏) wrote:
> May/Should WebSocket use HttpOnly cookie while Handshaking?
> I think it would be useful to use HttpOnly cookie on WebSocket so that
> we could authenticate the WebSocket connection by the auth token
> cookie which might be HttpOnly for security reason.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the whatwg