[英]Socket.io - Headers - Query String - Security
I want to cover several aspects here. 我想在这里涵盖几个方面。 Let's unfold. 让我们展开吧。
I'm using Socket.io in one of my application. 我在其中一个应用程序中使用Socket.io。 While trying keeping JWT common for normal application and socket.io client, I had these thoughts. 在尝试使JWT对于普通应用程序和socket.io客户端通用时,我有这些想法。
Helps would be appreciated, Thanks! 帮助将不胜感激,谢谢!
PS Please make correction(s) to the post title if necessary. 附言:如有必要,请对帖子标题进行更正。
1) socket.io uses websockets as the name suggests, so it should actually use the wss protocol, using polling & https is just a fallback afaik. 1)socket.io顾名思义使用websockets,因此它实际上应该使用wss协议,使用polling和https只是一个后备afaik。
2) browser extension might also read the header? 2)浏览器扩展程序可能还会读取标题吗? I don't see any advantage from one over the other. 我看不出任何一个相对于另一个的优势。
3) as 1s and 0s ? 3)作为1和0? Both are encrypted however (because of http s and ws s ). 两者都是加密的然而(因为HTTP S和WS S的)。
4) Why do you want that? 4)为什么要那样? If you want to use socket.io, just .emit()
events, that's what socket.io is all about. 如果要使用socket.io,只需使用.emit()
事件,那就是socket.io的全部用途。 If you don't want websockets but some self-baked solution, create your own one. 如果您不希望使用Websocket,而需要一些自行开发的解决方案,请创建自己的解决方案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.