Sec-WebSocket-Protocol in websocket handshake response
In Chrome when I make a websocket handshake, if in the request, the "Sec-WebSocket-Protocol" header is specified, then the response from server must also has this header, if not, chrome will not allow to make the connection But in Firefox, the response does not need to have the header. Why Firefox allow this?
Regards, ManLM
In Chrome when I make a websocket handshake, if in the request, the "Sec-WebSocket-Protocol" header is specified, then the response from server must also has this header, if not, chrome will not allow to make the connection
But in Firefox, the response does not need to have the header. Why Firefox allow this?
Regards,
ManLM
การตอบกลับทั้งหมด (1)
It is possible that this is a non-standard header (that is therefor not implemented in FF), or that Firefox' security policies are not as strict.
Most likely this shouldn't cause any problems.