Geek Answers Handbook

Is it correct to use Socket.IO emit () instead of all HTTP requests?

I installed the Node.js HTTP server. It listens for the path '/' and returns an empty HTML template in the get request.

This template includes a Require.js script client that creates a Socket.IO connection to the server.

Then all communication between the client and server is provided through web sockets.

When connecting, the server requires authentication; if there are cookies for authentication, then the client sends them to the server for verification, if not cookies, and then the client displays the login and waits for user input, etc.

While everything works, after checking the credentials, I create a SID for the user and use it to manage his access rights. Then I launch the main view and the application.

Questions:

  • Do I need to use HTTPS instead of HTTP, since I use HTTP only to send the script to the client? (Note: I plan to use local storage instead of cookies)

  • Are there any crashes in using pure web sockets without HTTP?

  • If it works, why no one uses it?

+4
source share
2 answers

Is there any need to use HTTPS instead of HTTP, since I use only HTTP to send the script to the client? (Note: I plan to use Local Storage instead of cookies)

No, handshakes for web sites require HTTP / HTTPS. Choosing HTTP or HTTPS from a security perspective. If you want to use it to simply send a script, then there is no harm. If you want to implement user login / authentication on your pages, you should use HTTPS.

Are there any crashes in using pure web sockets without HTTP?

Web sockets and HTTP are very different. If you use pure web sockets, you will skip HTTP. HTTP is the preferred choice for cross-platform web services. This is good for crawling / searching documents, but this is one way. The web socket provides full duplex communication channels over a single TCP connection and allows us to get rid of workarounds and hacks, such as Ajax, Reverse Ajax, Comet, etc. It is important to note that both can coexist. Thus, aim for web sockets without leaving HTTP.

If it works, why no one uses it?

We live in the HTTP era, web sockets are relatively new. In the long run, web sockets will gain in popularity and increase the share of web services. Many browsers until recently did not support web sockets properly. See here , IE 10 is the latest and only version in IE to support network sockets. nginx, a very popular server, did not support web sockets until February-March 2013. It takes time for web sockets to become popular.

+1
source

Your question is very similar to this

Why use AJAX when WebSockets are available?

In the end, they were created for different things, although you can use web sockets for most, if not everything, that can be done in regular HTTP requests.

I would recommend using HTTPS, since you are really sending authentication data through websockets (which will also use SSL, no?), But then it depends on your definition of "need."

Down - Lack of support for older browsers

He did not use it in many other situations because he is not needed and is still “relatively new”.

+1
source

More articles:


All Articles