Browse Definitions :
Definition

WebSocket

WebSocket is a communications protocol for a persistent, bi-directional, full duplex TCP connection from a user’s web browser to a server.

A WebSocket connection is initiated by sending a WebSocket handshake request from a browser’s HTTP connection to a server to upgrade the connection. Along with the upgrade request header, the handshake request includes a 64-bit Sec-WebSocket-Key header. The server responds with a hash of the key in a Sec-Websocket-Auth header. This header exchange prevents a caching proxy from resending previous WebSocket exchanges.

From that point, the connection is binary and does not conform to HTTP protocol. A server application is aware of all WebSocket connections and can communicate with each one individually. As WebSocket remains open, either the server or the user can send messages at any time until one of them closes the session. The communication can be initiated at either end, which makes event-driven web programming possible. In contrast, standard HTTP allows only users to request new data.

WebSocket was first seen in HTML5 specifications as TCPConnection, a place holder for a TCP-based socket API. The protocol was developed by Ian Hickson and Michael Carter and standardized by the IETF in RFC 6455 in 2011. WebSocket is supported by almost all major web browsers including Firefox, Chrome, Opera, Edge and Internet Explorer.

This was last updated in December 2016

Continue Reading About WebSocket

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • threat modeling

    Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and ...

  • distributed denial-of-service (DDoS) attack

    A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a ...

  • social engineering

    Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into ...

SearchHealthIT
SearchDisasterRecovery
  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

SearchStorage
  • bare-metal cloud

    Bare-metal cloud is a public cloud service that offers dedicated hardware resources without any installed operating systems or ...

  • race condition

    A race condition is an undesirable situation that occurs when a device or system attempts to perform two or more operations at ...

  • storage security

    Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted ...

Close