SlideShare una empresa de Scribd logo

SeaBeyond 2011 ProcessOne - Eric Cestari: XMPP over WebSocket

ProcessOne
ProcessOne
1 de 12
Descargar para leer sin conexión
XMPP over WebSocket Eric Cestari ecestari@process-one.net @cstar jeudi 3 février 2011
WebSocket = Web + Socket = recipe for AWESOME ? jeudi 3 février 2011
WebSocket Message oriented Two way connection between browser and server No more Comet, long-polling, Ajax push, BOSH, hidden iframes Pros: Less load on server better latency less effort for the client (battery life increases) Cons: not ubiquitous security issues jeudi 3 février 2011
A simple Javascript API new Websocket(url) ws.send() ws.close() and callbacks ws.onopen ws.onclose ws.onmessage jeudi 3 février 2011
Normalized by IETF ... ... since forever (first mail on the hybi mailing list: 30 March 2009) Three drafts implemented : draft-hixie -68 by Chrome (Dec 2009) draft-hixie -75 by Chrome and Safari (Feb 2010) draft-hixie -76 (May 10) by Safari 5.0.4, Chrome 6, Opera 10.70 and early Firefox 4 betas jeudi 3 février 2011
Current issues Fear of cross-protocol attacks. Possible transparent proxy cache poisoning discovered by A. Barth and E. Rescorla with currently implemented draft. WebSocket support disabled in Opera and latest Firefox betas by default jeudi 3 février 2011
WS support everywhere ! Flash to the rescue web-socket-js opensource project https://github.com/gimite/web-socket-js But: slower than native implementation with TLS support, file weighs 180Kb (20Kb without) It’s Flash, dammit! jeudi 3 février 2011
Handshakes and messages Handshake: Make sure server understands websocket Messages: bi-directional frames Current state (-04) Handshake is GET + Upgrade headers with Nonce Messages are masked from client to server jeudi 3 février 2011
XMPP sub-protocol IETF draft by Jack Moffit and Eric Cestari One message = one stanza = one XML document With exceptions for stream start and stream end. No TLS socket upgrade for encryption TLS negociation is done on socket opening (wss://host:port/) jeudi 3 février 2011
Client and server support Support in ejabberd 2.2.x Support StropheJS websocket support and prototype code for JSJaC Not released ... yet! jeudi 3 février 2011
New product: GitLive! Visualize GitHub pushes in realtime from Github repositories http://gitlive.com/ http://gitlive.com/demo.html Already used on the ejabberd and Tsung homepage Use it on your own project! jeudi 3 février 2011
References Hybi WG mailing list https://www.ietf.org/mailman/listinfo/hybi Transparent proxies: Threat or menaces ? http://www.adambarth.com/experimental/websocket.pdf An XMPP sub-protocol for Websockets http://tools.ietf.org/html/draft-moffitt-xmpp-over-websocket-00 jeudi 3 février 2011

Recomendados

Web browsers
Web browsersWeb browsers
Web browsersmaneamador7
 
DevCon 5 (July 2013) - WebSockets
DevCon 5 (July 2013) - WebSocketsDevCon 5 (July 2013) - WebSockets
DevCon 5 (July 2013) - WebSocketsCrocodile WebRTC SDK and Cloud Signalling Network
 
DevCon5 (July 2014) - Intro to WebRTC
DevCon5 (July 2014) - Intro to WebRTCDevCon5 (July 2014) - Intro to WebRTC
DevCon5 (July 2014) - Intro to WebRTCCrocodile WebRTC SDK and Cloud Signalling Network
 
WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)
WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)
WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)Crocodile WebRTC SDK and Cloud Signalling Network
 
DevCon5 (July 2014) - Acision SDK
DevCon5 (July 2014) - Acision SDKDevCon5 (July 2014) - Acision SDK
DevCon5 (July 2014) - Acision SDKCrocodile WebRTC SDK and Cloud Signalling Network
 
Asterisk World (January 2014) - Taking Enterprise Telephony into the Web World
Asterisk World (January 2014) - Taking Enterprise Telephony into the Web WorldAsterisk World (January 2014) - Taking Enterprise Telephony into the Web World
Asterisk World (January 2014) - Taking Enterprise Telephony into the Web WorldCrocodile WebRTC SDK and Cloud Signalling Network
 
Fighting XMPP abuse and spam with ejabberd - ejabberd Workshop #1
Fighting XMPP abuse and spam with ejabberd - ejabberd Workshop #1Fighting XMPP abuse and spam with ejabberd - ejabberd Workshop #1
Fighting XMPP abuse and spam with ejabberd - ejabberd Workshop #1Mickaël Rémond
 
Messaging temps réel avec Go
Messaging temps réel avec GoMessaging temps réel avec Go
Messaging temps réel avec GoMickaël Rémond
 

Recomendados

Web browsers
Web browsersWeb browsers
Web browsersmaneamador7
 
DevCon 5 (July 2013) - WebSockets
DevCon 5 (July 2013) - WebSocketsDevCon 5 (July 2013) - WebSockets
DevCon 5 (July 2013) - WebSocketsCrocodile WebRTC SDK and Cloud Signalling Network
 
DevCon5 (July 2014) - Intro to WebRTC
DevCon5 (July 2014) - Intro to WebRTCDevCon5 (July 2014) - Intro to WebRTC
DevCon5 (July 2014) - Intro to WebRTCCrocodile WebRTC SDK and Cloud Signalling Network
 
WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)
WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)
WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)Crocodile WebRTC SDK and Cloud Signalling Network
 
DevCon5 (July 2014) - Acision SDK
DevCon5 (July 2014) - Acision SDKDevCon5 (July 2014) - Acision SDK
DevCon5 (July 2014) - Acision SDKCrocodile WebRTC SDK and Cloud Signalling Network
 
Asterisk World (January 2014) - Taking Enterprise Telephony into the Web World
Asterisk World (January 2014) - Taking Enterprise Telephony into the Web WorldAsterisk World (January 2014) - Taking Enterprise Telephony into the Web World
Asterisk World (January 2014) - Taking Enterprise Telephony into the Web WorldCrocodile WebRTC SDK and Cloud Signalling Network
 
Fighting XMPP abuse and spam with ejabberd - ejabberd Workshop #1
Fighting XMPP abuse and spam with ejabberd - ejabberd Workshop #1Fighting XMPP abuse and spam with ejabberd - ejabberd Workshop #1
Fighting XMPP abuse and spam with ejabberd - ejabberd Workshop #1Mickaël Rémond
 
Messaging temps réel avec Go
Messaging temps réel avec GoMessaging temps réel avec Go
Messaging temps réel avec GoMickaël Rémond
 
SeaBeyond 2011 ProcessOne - af83: UCengine
SeaBeyond 2011 ProcessOne - af83: UCengineSeaBeyond 2011 ProcessOne - af83: UCengine
SeaBeyond 2011 ProcessOne - af83: UCengineProcessOne
 
SeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications API
SeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications APISeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications API
SeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications APIProcessOne
 
ProcessOne Push Platform: pubsub.p1pp.net
ProcessOne Push Platform: pubsub.p1pp.netProcessOne Push Platform: pubsub.p1pp.net
ProcessOne Push Platform: pubsub.p1pp.netProcessOne
 
La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012
La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012
La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012ProcessOne
 
SeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration software
SeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration softwareSeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration software
SeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration softwareProcessOne
 
SeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWeb
SeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWebSeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWeb
SeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWebProcessOne
 
Property-based testing of XMPP: generate your tests automatically - ejabberd ...
Property-based testing of XMPP: generate your tests automatically - ejabberd ...Property-based testing of XMPP: generate your tests automatically - ejabberd ...
Property-based testing of XMPP: generate your tests automatically - ejabberd ...Mickaël Rémond
 
XMPP Academy #2
XMPP Academy #2XMPP Academy #2
XMPP Academy #2Mickaël Rémond
 
Managing ejabberd Platforms with Docker - ejabberd Workshop #1
Managing ejabberd Platforms with Docker - ejabberd Workshop #1Managing ejabberd Platforms with Docker - ejabberd Workshop #1
Managing ejabberd Platforms with Docker - ejabberd Workshop #1Mickaël Rémond
 
ProcessOne Push Platform: XMPP-based Push Solutions
ProcessOne Push Platform: XMPP-based Push SolutionsProcessOne Push Platform: XMPP-based Push Solutions
ProcessOne Push Platform: XMPP-based Push SolutionsProcessOne
 
Audience twitter des candidats du 21 février au 18 mars 2012 upik
Audience twitter des candidats du 21 février au 18 mars 2012 upikAudience twitter des candidats du 21 février au 18 mars 2012 upik
Audience twitter des candidats du 21 février au 18 mars 2012 upikProcessOne
 
SeaBeyond 2011 ProcessOne - David Banes: Cleartext microblogging
SeaBeyond 2011 ProcessOne - David Banes: Cleartext microbloggingSeaBeyond 2011 ProcessOne - David Banes: Cleartext microblogging
SeaBeyond 2011 ProcessOne - David Banes: Cleartext microbloggingProcessOne
 
2015: L'année d'Elixir, Code, écosystème et communauté
2015: L'année d'Elixir, Code, écosystème et communauté2015: L'année d'Elixir, Code, écosystème et communauté
2015: L'année d'Elixir, Code, écosystème et communautéMickaël Rémond
 
WaveOne server and client by ProcessOne
WaveOne server and client by ProcessOneWaveOne server and client by ProcessOne
WaveOne server and client by ProcessOneMickaël Rémond
 
Archipel Introduction - ejabberd SF Meetup
Archipel Introduction - ejabberd SF MeetupArchipel Introduction - ejabberd SF Meetup
Archipel Introduction - ejabberd SF MeetupMickaël Rémond
 
Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8
Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8 Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8
Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8 Mickaël Rémond
 
OneTeam Media Server
OneTeam Media ServerOneTeam Media Server
OneTeam Media ServerMickaël Rémond
 
Multitasking in iOS 7
Multitasking in iOS 7Multitasking in iOS 7
Multitasking in iOS 7Mickaël Rémond
 
Basic IT 2 (General IT Knowledge-2)
Basic IT 2 (General IT Knowledge-2)Basic IT 2 (General IT Knowledge-2)
Basic IT 2 (General IT Knowledge-2)kholis_mjd
 
Websocket technology for XPages
Websocket technology for XPagesWebsocket technology for XPages
Websocket technology for XPagesCsaba Kiss
 
Ws
WsWs
WsSunghan Kim
 
Intro to WebSockets and Comet
Intro to WebSockets and CometIntro to WebSockets and Comet
Intro to WebSockets and Cometdylanks
 

Más contenido relacionado

Destacado

SeaBeyond 2011 ProcessOne - af83: UCengine
SeaBeyond 2011 ProcessOne - af83: UCengineSeaBeyond 2011 ProcessOne - af83: UCengine
SeaBeyond 2011 ProcessOne - af83: UCengineProcessOne
 
SeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications API
SeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications APISeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications API
SeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications APIProcessOne
 
ProcessOne Push Platform: pubsub.p1pp.net
ProcessOne Push Platform: pubsub.p1pp.netProcessOne Push Platform: pubsub.p1pp.net
ProcessOne Push Platform: pubsub.p1pp.netProcessOne
 
La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012
La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012
La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012ProcessOne
 
SeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration software
SeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration softwareSeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration software
SeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration softwareProcessOne
 
SeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWeb
SeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWebSeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWeb
SeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWebProcessOne
 
Property-based testing of XMPP: generate your tests automatically - ejabberd ...
Property-based testing of XMPP: generate your tests automatically - ejabberd ...Property-based testing of XMPP: generate your tests automatically - ejabberd ...
Property-based testing of XMPP: generate your tests automatically - ejabberd ...Mickaël Rémond
 
Managing ejabberd Platforms with Docker - ejabberd Workshop #1
Managing ejabberd Platforms with Docker - ejabberd Workshop #1Managing ejabberd Platforms with Docker - ejabberd Workshop #1
Managing ejabberd Platforms with Docker - ejabberd Workshop #1Mickaël Rémond
 
ProcessOne Push Platform: XMPP-based Push Solutions
ProcessOne Push Platform: XMPP-based Push SolutionsProcessOne Push Platform: XMPP-based Push Solutions
ProcessOne Push Platform: XMPP-based Push SolutionsProcessOne
 
Audience twitter des candidats du 21 février au 18 mars 2012 upik
Audience twitter des candidats du 21 février au 18 mars 2012 upikAudience twitter des candidats du 21 février au 18 mars 2012 upik
Audience twitter des candidats du 21 février au 18 mars 2012 upikProcessOne
 
SeaBeyond 2011 ProcessOne - David Banes: Cleartext microblogging
SeaBeyond 2011 ProcessOne - David Banes: Cleartext microbloggingSeaBeyond 2011 ProcessOne - David Banes: Cleartext microblogging
SeaBeyond 2011 ProcessOne - David Banes: Cleartext microbloggingProcessOne
 
2015: L'année d'Elixir, Code, écosystème et communauté
2015: L'année d'Elixir, Code, écosystème et communauté2015: L'année d'Elixir, Code, écosystème et communauté
2015: L'année d'Elixir, Code, écosystème et communautéMickaël Rémond
 
WaveOne server and client by ProcessOne
WaveOne server and client by ProcessOneWaveOne server and client by ProcessOne
WaveOne server and client by ProcessOneMickaël Rémond
 
Archipel Introduction - ejabberd SF Meetup
Archipel Introduction - ejabberd SF MeetupArchipel Introduction - ejabberd SF Meetup
Archipel Introduction - ejabberd SF MeetupMickaël Rémond
 
Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8
Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8 Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8
Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8 Mickaël Rémond
 

Destacado (18)

SeaBeyond 2011 ProcessOne - af83: UCengine
SeaBeyond 2011 ProcessOne - af83: UCengineSeaBeyond 2011 ProcessOne - af83: UCengine
SeaBeyond 2011 ProcessOne - af83: UCengine
 
SeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications API
SeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications APISeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications API
SeaBeyond 2011 ProcessOne - Nokia: Jukka Alakontiola - Notifications API
 
ProcessOne Push Platform: pubsub.p1pp.net
ProcessOne Push Platform: pubsub.p1pp.netProcessOne Push Platform: pubsub.p1pp.net
ProcessOne Push Platform: pubsub.p1pp.net
 
La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012
La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012
La campagne présidentielle sur Twitter : 12 mars au 18 mars 2012
 
SeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration software
SeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration softwareSeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration software
SeaBeyond 2011 ProcessOne - Marek Foss: designing mobile collaboration software
 
SeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWeb
SeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWebSeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWeb
SeaBeyond 2011 ProcessOne - Diana Cheng: OneSocialWeb
 
Property-based testing of XMPP: generate your tests automatically - ejabberd ...
Property-based testing of XMPP: generate your tests automatically - ejabberd ...Property-based testing of XMPP: generate your tests automatically - ejabberd ...
Property-based testing of XMPP: generate your tests automatically - ejabberd ...
 
XMPP Academy #2
XMPP Academy #2XMPP Academy #2
XMPP Academy #2
 
Managing ejabberd Platforms with Docker - ejabberd Workshop #1
Managing ejabberd Platforms with Docker - ejabberd Workshop #1Managing ejabberd Platforms with Docker - ejabberd Workshop #1
Managing ejabberd Platforms with Docker - ejabberd Workshop #1
 
ProcessOne Push Platform: XMPP-based Push Solutions
ProcessOne Push Platform: XMPP-based Push SolutionsProcessOne Push Platform: XMPP-based Push Solutions
ProcessOne Push Platform: XMPP-based Push Solutions
 
Audience twitter des candidats du 21 février au 18 mars 2012 upik
Audience twitter des candidats du 21 février au 18 mars 2012 upikAudience twitter des candidats du 21 février au 18 mars 2012 upik
Audience twitter des candidats du 21 février au 18 mars 2012 upik
 
SeaBeyond 2011 ProcessOne - David Banes: Cleartext microblogging
SeaBeyond 2011 ProcessOne - David Banes: Cleartext microbloggingSeaBeyond 2011 ProcessOne - David Banes: Cleartext microblogging
SeaBeyond 2011 ProcessOne - David Banes: Cleartext microblogging
 
2015: L'année d'Elixir, Code, écosystème et communauté
2015: L'année d'Elixir, Code, écosystème et communauté2015: L'année d'Elixir, Code, écosystème et communauté
2015: L'année d'Elixir, Code, écosystème et communauté
 
WaveOne server and client by ProcessOne
WaveOne server and client by ProcessOneWaveOne server and client by ProcessOne
WaveOne server and client by ProcessOne
 
Archipel Introduction - ejabberd SF Meetup
Archipel Introduction - ejabberd SF MeetupArchipel Introduction - ejabberd SF Meetup
Archipel Introduction - ejabberd SF Meetup
 
Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8
Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8 Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8
Phoenix Presence: Le service temps réel de Phoenix - Paris.ex #8
 
OneTeam Media Server
OneTeam Media ServerOneTeam Media Server
OneTeam Media Server
 
Multitasking in iOS 7
Multitasking in iOS 7Multitasking in iOS 7
Multitasking in iOS 7
 

Similar a SeaBeyond 2011 ProcessOne - Eric Cestari: XMPP over WebSocket

Basic IT 2 (General IT Knowledge-2)
Basic IT 2 (General IT Knowledge-2)Basic IT 2 (General IT Knowledge-2)
Basic IT 2 (General IT Knowledge-2)kholis_mjd
 
Websocket technology for XPages
Websocket technology for XPagesWebsocket technology for XPages
Websocket technology for XPagesCsaba Kiss
 
Intro to WebSockets and Comet
Intro to WebSockets and CometIntro to WebSockets and Comet
Intro to WebSockets and Cometdylanks
 
Real-Time with Flowdock
Real-Time with FlowdockReal-Time with Flowdock
Real-Time with FlowdockFlowdock
 
Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012Roberto Suggi Liverani
 
Websockets with ruby
Websockets with rubyWebsockets with ruby
Websockets with rubyStoyan Zhekov
 
HTML5 WebSocket: The New Network Stack for the Web
HTML5 WebSocket: The New Network Stack for the WebHTML5 WebSocket: The New Network Stack for the Web
HTML5 WebSocket: The New Network Stack for the WebPeter Lubbers
 
Fosdem 13: Pharo 2.0 update
Fosdem 13: Pharo 2.0 updateFosdem 13: Pharo 2.0 update
Fosdem 13: Pharo 2.0 updateMarcus Denker
 
Programming WebSockets - OSCON 2010
Programming WebSockets - OSCON 2010Programming WebSockets - OSCON 2010
Programming WebSockets - OSCON 2010sullis
 
Multicast to browser techniques and methods
Multicast to browser techniques and methodsMulticast to browser techniques and methods
Multicast to browser techniques and methodsssuser1826a9
 
Codecamp iasi-26 nov 2011-web sockets
Codecamp iasi-26 nov 2011-web socketsCodecamp iasi-26 nov 2011-web sockets
Codecamp iasi-26 nov 2011-web socketsCodecamp Romania
 
Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)
Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)
Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)Beat Signer
 
Codecamp Iasi-26 nov 2011 - Html 5 WebSockets
Codecamp Iasi-26 nov 2011 - Html 5 WebSocketsCodecamp Iasi-26 nov 2011 - Html 5 WebSockets
Codecamp Iasi-26 nov 2011 - Html 5 WebSocketsFlorin Cardasim
 

Similar a SeaBeyond 2011 ProcessOne - Eric Cestari: XMPP over WebSocket (20)

Basic IT 2 (General IT Knowledge-2)
Basic IT 2 (General IT Knowledge-2)Basic IT 2 (General IT Knowledge-2)
Basic IT 2 (General IT Knowledge-2)
 
Websocket technology for XPages
Websocket technology for XPagesWebsocket technology for XPages
Websocket technology for XPages
 
Ws
WsWs
Ws
 
Intro to WebSockets and Comet
Intro to WebSockets and CometIntro to WebSockets and Comet
Intro to WebSockets and Comet
 
m.soundcloud.com
m.soundcloud.comm.soundcloud.com
m.soundcloud.com
 
BitTorrent on iOS
BitTorrent on iOSBitTorrent on iOS
BitTorrent on iOS
 
High Availability Server Apps
High Availability Server AppsHigh Availability Server Apps
High Availability Server Apps
 
Real-Time with Flowdock
Real-Time with FlowdockReal-Time with Flowdock
Real-Time with Flowdock
 
Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012Window Shopping Browser - Bug Hunting in 2012
Window Shopping Browser - Bug Hunting in 2012
 
Websockets with ruby
Websockets with rubyWebsockets with ruby
Websockets with ruby
 
HTML5 WebSocket: The New Network Stack for the Web
HTML5 WebSocket: The New Network Stack for the WebHTML5 WebSocket: The New Network Stack for the Web
HTML5 WebSocket: The New Network Stack for the Web
 
Fosdem 13: Pharo 2.0 update
Fosdem 13: Pharo 2.0 updateFosdem 13: Pharo 2.0 update
Fosdem 13: Pharo 2.0 update
 
Programming WebSockets - OSCON 2010
Programming WebSockets - OSCON 2010Programming WebSockets - OSCON 2010
Programming WebSockets - OSCON 2010
 
Multicast to browser techniques and methods
Multicast to browser techniques and methodsMulticast to browser techniques and methods
Multicast to browser techniques and methods
 
News bytes Oct-2011
News bytes Oct-2011News bytes Oct-2011
News bytes Oct-2011
 
Future of web_apps
Future of web_appsFuture of web_apps
Future of web_apps
 
Codecamp iasi-26 nov 2011-web sockets
Codecamp iasi-26 nov 2011-web socketsCodecamp iasi-26 nov 2011-web sockets
Codecamp iasi-26 nov 2011-web sockets
 
Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)
Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)
Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)
 
Codecamp Iasi-26 nov 2011 - Html 5 WebSockets
Codecamp Iasi-26 nov 2011 - Html 5 WebSocketsCodecamp Iasi-26 nov 2011 - Html 5 WebSockets
Codecamp Iasi-26 nov 2011 - Html 5 WebSockets
 
J web socket
J web socketJ web socket
J web socket
 

SeaBeyond 2011 ProcessOne - Eric Cestari: XMPP over WebSocket

  • 1. XMPP over WebSocket Eric Cestari ecestari@process-one.net @cstar jeudi 3 février 2011
  • 2. WebSocket = Web + Socket = recipe for AWESOME ? jeudi 3 février 2011
  • 3. WebSocket Message oriented Two way connection between browser and server No more Comet, long-polling, Ajax push, BOSH, hidden iframes Pros: Less load on server better latency less effort for the client (battery life increases) Cons: not ubiquitous security issues jeudi 3 février 2011
  • 4. A simple Javascript API new Websocket(url) ws.send() ws.close() and callbacks ws.onopen ws.onclose ws.onmessage jeudi 3 février 2011
  • 5. Normalized by IETF ... ... since forever (first mail on the hybi mailing list: 30 March 2009) Three drafts implemented : draft-hixie -68 by Chrome (Dec 2009) draft-hixie -75 by Chrome and Safari (Feb 2010) draft-hixie -76 (May 10) by Safari 5.0.4, Chrome 6, Opera 10.70 and early Firefox 4 betas jeudi 3 février 2011
  • 6. Current issues Fear of cross-protocol attacks. Possible transparent proxy cache poisoning discovered by A. Barth and E. Rescorla with currently implemented draft. WebSocket support disabled in Opera and latest Firefox betas by default jeudi 3 février 2011
  • 7. WS support everywhere ! Flash to the rescue web-socket-js opensource project https://github.com/gimite/web-socket-js But: slower than native implementation with TLS support, file weighs 180Kb (20Kb without) It’s Flash, dammit! jeudi 3 février 2011
  • 8. Handshakes and messages Handshake: Make sure server understands websocket Messages: bi-directional frames Current state (-04) Handshake is GET + Upgrade headers with Nonce Messages are masked from client to server jeudi 3 février 2011
  • 9. XMPP sub-protocol IETF draft by Jack Moffit and Eric Cestari One message = one stanza = one XML document With exceptions for stream start and stream end. No TLS socket upgrade for encryption TLS negociation is done on socket opening (wss://host:port/) jeudi 3 février 2011
  • 10. Client and server support Support in ejabberd 2.2.x Support StropheJS websocket support and prototype code for JSJaC Not released ... yet! jeudi 3 février 2011
  • 11. New product: GitLive! Visualize GitHub pushes in realtime from Github repositories http://gitlive.com/ http://gitlive.com/demo.html Already used on the ejabberd and Tsung homepage Use it on your own project! jeudi 3 février 2011
  • 12. References Hybi WG mailing list https://www.ietf.org/mailman/listinfo/hybi Transparent proxies: Threat or menaces ? http://www.adambarth.com/experimental/websocket.pdf An XMPP sub-protocol for Websockets http://tools.ietf.org/html/draft-moffitt-xmpp-over-websocket-00 jeudi 3 février 2011