←back to thread

257 points tosh | 1 comments | | HN request time: 0.001s | source
Show context
marcopolo ◴[] No.42069051[source]
Masking in the WebSocket protocol is kind of a funny and sad fix to the problem of intermediaries trying to be smart and helpful, but failing miserably.

The linked section of the RFC is worth the read: https://www.rfc-editor.org/rfc/rfc6455#section-10.3

replies(1): >>42071837 #
1. moron4hire ◴[] No.42071837[source]
How is this a problem of WebSockets and not HTTP in general?

The RFC has a link to a document describing the attack, but the link is broken.