[Webkit-unassigned] [Bug 32246] Multiple connection attempts to a WebSocket server should not be allowed
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Dec 8 14:02:57 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=32246
Alexey Proskuryakov <ap at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |beidson at apple.com
--- Comment #4 from Alexey Proskuryakov <ap at webkit.org> 2009-12-08 14:02:57 PST ---
Actually, I need to reverse both statements!
Yes, WebSocket is the first way to open an unlimited number of connections to a
single server, so it indeed likely needs additional protection to prevent DOS
attacks.
But we don't really have a way to implement this correctly. Since each DNS
request can result in a new result (this is a form of load balancing),
resolving the name first and re-resolving it for actual connect() won't work.
We don't have a way to pass both host name and its pre-resolved IP address down
to the network stack.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list