[Webkit-unassigned] [Bug 80362] WebSocket: Client does not support 401 Unauthorized response.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jul 28 06:40:05 PDT 2017


--- Comment #8 from Varunan <svarunan at gmail.com> ---
Its a client side code so anyone can bypass XHR request with credentials and directly connect to websocket URL which is visible.

It should a single http request (hand shake) with Authorisation header added and upgrade to websocket on auth success.

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170728/3f1ae4cb/attachment.html>

More information about the webkit-unassigned mailing list