HTML Standard Tracker

Filter

File a bug

SVNBugCommentTime (UTC)
3725Update WebSocket to use ports 80 and 443 instead of 81 and 815, on advice from IANA.2009-09-02 00:18
@@ -71429,49 +71429,40 @@ interface <dfn>WebSocket</dfn> {
 
 
   <h6>Relationship to TCP/IP and HTTP</h6>
 
   <p><i>This section is non-normative.</i></p>
 
   <p>The Web Socket protocol is an independent TCP-based protocol. Its
   only relationship to HTTP is that its handshake is interpreted by
   HTTP servers as an Upgrade request.</p>
 
-  <p>The Web Socket protocol by default uses port 81 for regular
-  Web Socket connections and port 815 for Web Socket connections
-  tunneled over TLS.</p>
+  <p>Based on the expert recommendation of the IANA<!-- [IANA #257455]
+  -->, the Web Socket protocol by default uses port 80 for regular Web
+  Socket connections and port 443 for Web Socket connections tunneled
+  over TLS.</p>
 
 
   <h6>Establishing a connection</h6>
 
   <p><i>This section is non-normative.</i></p>
 
   <p>There are several options for establishing a Web Socket connection.</p>
 
-  <p>The simplest method is to use port 81 to get a direct connection
-  to a Web Socket server. However, this port may be blocked by
-  firewalls.</p>
-
-  <p>The second simplest method is to use TLS encryption and port 815
-  to connect directly to a Web Socket server. This is the preferred
-  solution, as it is secure and correct. However, TLS encryption can
-  be computationally expensive, and port 815 might also be blocked by
-  firewalls.</p>
-
-  <p>To avoid firewalls, ports 80 and 443 might be used instead. These
-  are the HTTP and HTTPS ports. Port 80 traffic, however, will often
-  be intercepted by HTTP proxies, which can lead to the connection
+  <p>The simplest method is to use port 80 to get a direct connection
+  to a Web Socket server. Port 80 traffic, however, will often be
+  intercepted by HTTP proxies, which can lead to the connection
   failing to be established.</p>
 
-  <p>Port 443, using encryption, is therefore the most reliable
-  solution. It is unlikely to be blocked by a firewall or intercepted
-  by a proxy. However, again, TLS encryption can be computationally
+  <p>The second simplest method is to use TLS encryption and port 443
+  to connect directly to a Web Socket server. This has the advantage
+  of being more secure; however, TLS encryption can be computationally
   expensive.</p>
 
   <p>When a connection is to be made to a port that is shared by an
   HTTP server (a situation that is quite likely to occur with traffic
   to ports 80 and 443), the connection will appear to the HTTP server
   to be a regular GET request with an Upgrade offer. In relatively
   simple setups with just one IP address and a single server for all
   traffic to a single hostname, this might allow a practical way for
   systems based on the Web Socket protocol to be deployed. In more
   elaborate setups (e.g. with load balancers and multiple servers), a
@@ -71484,21 +71475,21 @@ interface <dfn>WebSocket</dfn> {
   <p><i>This section is non-normative.</i></p>
 
   <p>The protocol has two parts: a handshake, and then the data
   transfer.</p>
 
   <p>The handshake from the client looks as follows:</p>
 
   <pre>GET /demo HTTP/1.1
 Upgrade: WebSocket
 Connection: Upgrade
-Host: example.com:81
+Host: example.com
 Origin: http://example.com
 WebSocket-Protocol: sample</pre>
 
   <p>The handshake from the server looks as follows:</p>
 
   <pre>HTTP/1.1 101 Web Socket Protocol Handshake
 Upgrade: WebSocket
 Connection: Upgrade
 WebSocket-Origin: http://example.com
 WebSocket-Location: ws://example.com/demo
@@ -71580,21 +71571,21 @@ WebSocket-Protocol: sample</pre>
    title="">url</var>, <span>converted to ASCII
    lowercase</span>.</p></li>
 
    <li><p>If <var title="">url</var> has a <span
    title="url-port">&lt;port&gt;</span> component, then let <var
    title="">port</var> be that component's value; otherwise, there is
    no explicit <var title="">port</var>.</p></li>
 
    <li><p>If there is no explicit <var title="">port</var>, then: if
    <var title="">secure</var> is false, let <var title="">port</var>
-   be 81, otherwise let <var title="">port</var> be 815.</p></li>
+   be 80, otherwise let <var title="">port</var> be 443.</p></li>
 
    <li><p>Let <var title="">resource name</var> be the value of the
    <span title="url-path">&lt;path&gt;</span> component (which might
    be empty) of <var title="">url</var>.</p></li>
 
    <li><p>If <var title="">resource name</var> is the empty string,
    set it to a single character U+002F SOLIDUS (/).</p></li>
 
    <li><p>If <var title="">url</var> has a <span
    title="url-query">&lt;query&gt;</span> component, then append a
@@ -71622,22 +71613,22 @@ WebSocket-Protocol: sample</pre>
 
    <li>If the <var title="">secure</var> flag is false, then append
    the string "<code title="">ws://</code>" to <var
    title="">url</var>. Otherwise, append the string "<code
    title="">wss://</code>" to <var title="">url</var>.</li>
 
    <li>Append <var title="">host</var> to <var
    title="">url</var>.</li>
 
    <li>If the <var title="">secure</var> flag is false and port is
-   not 81, or if the <var title="">secure</var> flag is true and
-   port is not 815, then append the string "<code title="">:</code>"
+   not 80, or if the <var title="">secure</var> flag is true and
+   port is not 443, then append the string "<code title="">:</code>"
    followed by <var title="">port</var> to <var
    title="">url</var>.</li>
 
    <li>Append <var title="">resource name</var> to <var
    title="">url</var>.</li>
 
    <li>Return <var title="">url</var>.</li>
 
   </ol>
 
@@ -71854,29 +71845,25 @@ Proxy-authorization: Basic ZWRuYW1vZGU6bm9jYXBlcyE=</pre>
     <p>Each header must be on a line of its own (each ending with a CR
     LF sequence). For the purposes of this step, each header must not
     be split into multiple lines (despite HTTP otherwise allowing this
     with continuation lines).</p>
 
     <div class="example">
 
      <p>For example, if the server had a username and password that
      applied to <code title="">http://example.com/socket</code>, and
      the Web Socket was being opened to <code
-     title="">ws://example.com:80/socket</code>, it could send
+     title="">ws://example.com/socket</code>, it could send
      them:</p>
 
      <pre>Authorization: Basic d2FsbGU6ZXZl</pre>
 
-     <p>However, it would not send them if the Web Socket was being
-     opened to <code title="">ws://example.com/socket</code>, as that
-     uses a different port (81, not 80).</p>
-
     </div>
 
    </li>
 
    <li>
 
     <p>Send the following bytes:</p>
 
     <pre>0d 0a</pre>
 
@@ -72498,27 +72485,27 @@ Proxy-authorization: Basic ZWRuYW1vZGU6bm9jYXBlcyE=</pre>
 
   <p>Send the string "<code title="">WebSocket-Location</code>"
   followed by a U+003A COLON (":") and a U+0020 SPACE, followed by the
   <span>URL</span> of the Web Socket script, followed by a CRLF pair
   (0x0d 0x0a).</p>
 
   <div class="example">
 
    <p>For instance:</p>
 
-   <pre>WebSocket-Location: ws://example.com:80/demo</pre>
+   <pre>WebSocket-Location: ws://example.com/demo</pre>
 
   </div>
 
   <p class="note">Do not include the port if it is the default port
-  for Web Socket protocol connections of the type in question (81 for
-  unencrypted connections and 815 for encrypted connections).</p>
+  for Web Socket protocol connections of the type in question (80 for
+  unencrypted connections and 443 for encrypted connections).</p>
 
   <p>Send another CRLF pair (0x0d 0x0a).</p>
 
   <p>Read data from the client until four bytes 0x0d 0x0a 0x0d 0x0a
   are read. This data must either be discarded or handled as described
   in the following section describing the handshake details.</p>
 
   <p>If the connection isn't dropped at this point, go to the <a
   href="#ws-sd-framing">data framing</a> section.</p>
 
@@ -72796,26 +72783,20 @@ Proxy-authorization: Basic ZWRuYW1vZGU6bm9jYXBlcyE=</pre>
 
    <dt>Author/Change controller.</dt>
    <dd>Ian Hickson &lt;ian@hixie.ch></dd>
 
    <dt>References.</dt>
    <dd>This document.</dd>
 
   </dl>
 
 
-  <h6>Registration of ports 81 and 815</h6>
-
-  <p>See IANA ticket #257454 for port 81 and IANA ticket #257455 for
-  port 815.</p>
-
-
   <h6>Registration of the "WebSocket" HTTP Upgrade keyword</h6>
 
   <dl>
 
    <dt>Name of token.</dt>
    <dd>WebSocket</dd>
 
    <dt>Author/Change controller.</dt>
    <dd>Ian Hickson &lt;ian@hixie.ch></dd>
 

|