Post on 22-Jul-2020
Realtime web:Not there yet!
Marek Majkowski
marek@rabbitmq.com
1
Nogi
2
3
4
5
6
7
WebSockets
hixie-75 4 5.0.0
hixie-76 4 (disabled)
6 5.0.1 11 (disabled)
hybi-07 6
hybi-10 7 14 10-dev
8
Spot the difference!$ nc localhost 12345GET /echo HTTP/1.1Origin: http://172.16.173.128:12345Host: 172.16.173.128:12345Connection: UpgradeUpgrade: WebSocketSec-WebSocket-Key2: `1]2037 7 GX 'f<Vb1*5$64Sec-WebSocket-Key1: 2Uf ?<,4C28E1K7J4+208Cookie2: $Version=1Cookie: JSESSIONID=a
aaaaaaaaaaaaaaaHTTP/1.1 101 WebSocket Protocol HandshakeUpgrade: WebSocketConnection: UpgradeSec-WebSocket-Location: ws://[...]Sec-WebSocket-Origin: http://[...]
m"7]SDgo0^C
$ nc localhost 8080GET /broadcast/765/321/websocket HTTP/1.1Origin: http://172.16.173.128:8080Host: 172.16.173.128:8080Connection: UpgradeUpgrade: WebSocketSec-WebSocket-Key2: `1]2037 7 GX 'f<Vb1*5$64Sec-WebSocket-Key1: 2Uf ?<,4C28E1K7J4+208Cookie2: $Version=1Cookie: JSESSIONID=a
aaaaaaaaaaaaaaaHTTP/1.1 101 WebSocket Protocol HandshakeUpgrade: websocketConnection: UpgradeSec-WebSocket-Location: ws://[...] Sec-WebSocket-Origin: http://[...]
m"7]SDgo0^C
9
The RFC says
-> If the entry's name is "upgrade" If the value is not exactly equal to the string "WebSocket", then fail the WebSocket connection and abort these steps.
[...]
|Upgrade| The value must be the string "WebSocket".
[...]
|Upgrade| Invariant part of the handshake. Will always have a value that is an ASCII case-insensitive match for the string "WebSocket".
10
ProxiesCONNECT sockjs1.popcnt.org:80 HTTP/1.1Host: sockjs1.popcnt.orgProxy-Connection: keep-alive
GET /echo/855/duzzy2p1/websocket HTTP/1.1Upgrade: WebSocketConnection: UpgradeHost: sockjs1.popcnt.orgOrigin: http://sockjs.popcnt.orgSec-WebSocket-Key1: 22p/ D"47900%n7 r90.Sec-WebSocket-Key2: m49" 5 f 24772 Ra 0
GET /echo/070/lm6wwjpr/websocket HTTP/1.1Host: sockjs1.popcnt.orgUser-Agent: [...] Gecko/20100101 Firefox/6.0.2Accept: text/html,application/xhtml [...]Accept-Language: en-us,en;q=0.5Accept-Encoding: gzip, deflateAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7Sec-WebSocket-Version: 7Sec-WebSocket-Origin: http://sockjs.popcnt.orgSec-WebSocket-Key: bzG4fOYXabSiy42uFj6vjA==Pragma: no-cacheCache-Control: no-cacheUpgrade: websocketConnection: Upgrade
HTTP/1.0 400 Bad RequestServer: squid/2.7.STABLE9Date: Wed, 21 Sep 2011 06:16:10 GMTContent-Type: text/htmlContent-Length: 1943X-Squid-Error: ERR_INVALID_REQ 0X-Cache: MISS from mrstuX-Cache-Lookup: NONE from mrstu:3128Via: 1.0 mrstu:3128 (squid/2.7.STABLE9)Connection: close
11
• #1 Realtime web: Not there yet!
12
Shared nothing + database
13
Shared nothing + message bus
14
Node.js + Socket.io
15
Sync + Async
16
Sync + Service
17
18
Google App Engine
19
Google App Engine
• Simplex
19
Google App Engine
• Simplex
• No broadcast
19
Google App Engine
• Simplex
• No broadcast
• No presence
19
PubNub
20
PubNub
• Duplex
20
PubNub
• Duplex
• Broadcast
20
PubNub
• Duplex
• Broadcast
• No access rights
20
PubNub
• Duplex
• Broadcast
• No access rights
• No identity
20
Pusher
21
Pusher
• Simplex
21
Pusher
• Simplex
• Broadcast
21
Pusher
• Simplex
• Broadcast
• Access rights *
21
Pusher
• Simplex
• Broadcast
• Access rights *
• Identity *
21
Pusher
• Simplex
• Broadcast
• Access rights *
• Identity *
• Presence *
21
We can do better
22
We can do better
• Duplex
22
We can do better
• Duplex
• Broadcast
22
We can do better
• Duplex
• Broadcast
• Access rights
22
We can do better
• Duplex
• Broadcast
• Access rights
• Identity
22
We can do better
• Duplex
• Broadcast
• Access rights
• Identity
• Presence
22
23
• Authorisation
23
• Authorisation
• Identity
23
• Authorisation
• Identity
• Permissions
23
• Authorisation
• Identity
• Permissions
• Resource definitions + semantics
23
• Authorisation
• Identity
• Permissions
• Resource definitions + semantics
• Value + updates?
23
• Authorisation
• Identity
• Permissions
• Resource definitions + semantics
• Value + updates?
• Messages back to App (WebHooks)
23
• Authorisation
• Identity
• Permissions
• Resource definitions + semantics
• Value + updates?
• Messages back to App (WebHooks)
• Presence
23
• Authorisation
• Identity
• Permissions
• Resource definitions + semantics
• Value + updates?
• Messages back to App (WebHooks)
• Presence
• Good luck writing documentation!
23
Service?
24
Sync + Async
25
Fully async
26
SockJS
27
• #3 Realtime web: Not there yet!
28
29
30
#sockjs
github.com/sockjs31
1. token
32
2. token
33
3. token
34
So?
35
36