An Empirical study of HTML5 Websockets and their Cross Browser behavior for Mixed Content and Untrusted Certificates

Achin Kulshrestha
2013 International Journal of Computer Applications  
Websockets allow a full duplex connection to be made over a single socket between the client and the server. Today, Websockets is a finished standard and has greatly helped modern web applications to achieve real time communication without any overhead of sending HTTP headers with every request. This research provides an overview of the Websocket protocol and API, and focuses on the state of Websocket security. The research also aims to explicate behavior of different browser implementations of
more » ... Websockets when delivering mixed content (ws/https) and the browser response when an untrusted certificate is encountered while making a secure Websocket connection. The crux of this paper is to analyze at the grassroots security concerns pertaining to Websockets and discuss best practices for secure deployment.
doi:10.5120/14119-2221 fatcat:ot3yhedrgbfw7fzcxhnhfwms6i