XR872开发SDK 1.2.0版本

Internet Engineering Task Force (IETF) I. Fette Request for Comments: 6455 Google, Inc. Category: Standards Track A. Melnikov ISSN: 2070-1721 Isode Ltd. December 2011 The WebSocket Protocol Abstract The WebSocket Protocol enables two-way communication between a client running untrusted code in a controlled environment to a remote host that has opted-in to communications from that code. The security model used for this is the origin-based security model commonly used by web browsers. The protocol consists of an opening handshake followed by basic message framing, layered over TCP. The goal of this technology is to provide a mechanism for browser-based applications that need two-way communication with servers that does not rely on opening multiple HTTP connections (e.g., using XMLHttpRequest or <iframe>s and long polling). Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6455. Copyright Notice Copyright (c) 2011 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must Fette & Melnikov Standards Track [Page 1]  RFC 6455 The WebSocket Protocol December 2011 include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1.1. Background . . . . . . . . . . . . . . . . . . . . . . . . 4 1.2. Protocol Overview . . . . . . . . . . . . . . . . . . . . 5 1.3. Opening Handshake . . . . . . . . . . . . . . . . . . . . 6 1.4. Closing Handshake . . . . . . . . . . . . . . . . . . . . 9 1.5. Design Philosophy . . . . . . . . . . . . . . . . . . . . 9 1.6. Security Model . . . . . . . . . . . . . . . . . . . . . . 10 1.7. Relationship to TCP and HTTP . . . . . . . . . . . . . . . 11 1.8. Establishing a Connection . . . . . . . . . . . . . . . . 11 1.9. Subprotocols Using the WebSocket Protocol . . . . . . . . 12 2. Conformance Requirements . . . . . . . . . . . . . . . . . . . 12 2.1. Terminology and Other Conventions . . . . . . . . . . . . 13 3. WebSocket URIs . . . . . . . . . . . . . . . . . . . . . . . . 14 4. Opening Handshake . . . . . . . . . . . . . . . . . . . . . . 14 4.1. Client Requirements . . . . . . . . . . . . . . . . . . . 14 4.2. Server-Side Requirements . . . . . . . . . . . . . . . . . 20 4.2.1. Reading the Client's Opening Handshake . . . . . . . . 21 4.2.2. Sending the Server's Opening Handshake . . . . . . . . 22 4.3. Collected ABNF for New Header Fields Used in Handshake . . 25 4.4. Supporting Multiple Versions of WebSocket Protocol . . . . 26 5. Data Framing . . . . . . . . . . . . . . . . . . . . . . . . . 27 5.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . 27 5.2. Base Framing Protocol . . . . . . . . . . . . . . . . . . 28 5.3. Client-to-Server Masking . . . . . . . . . . . . . . . . . 32 5.4. Fragmentation . . . . . . . . . . . . . . . . . . . . . . 33 5.5. Control Frames . . . . . . . . . . . . . . . . . . . . . . 36 5.5.1. Close . . . . . . . . . . . . . . . . . . . . . . . . 36 5.5.2. Ping . . . . . . . . . . . . . . . . . . . . . . . . . 37 5.5.3. Pong . . . . . . . . . . . . . . . . . . . . . . . . . 37 5.6. Data Frames . . . . . . . . . . . . . . . . . . . . . . . 38 5.7. Examples . . . . . . . . . . . . . . . . . . . . . . . . . 38 5.8. Extensibility . . . . . . . . . . . . . . . . . . . . . . 39 6. Sending and Receiving Data . . . . . . . . . . . . . . . . . . 39 6.1. Sending Data . . . . . . . . . . . . . . . . . . . . . . . 39 6.2. Receiving Data . . . . . . . . . . . . . . . . . . . . . . 40 7. Closing the Connection . . . . . . . . . . . . . . . . . . . . 41 7.1. Definitions . . . . . . . . . . . . . . . . . . . . . . . 41 7.1.1. Close the WebSocket Connection . . . . . . . . . . . . 41 7.1.2. Start the WebSocket Closing Handshake . . . . . . . . 42 7.1.3. The WebSocket Closing Handshake is Started . . . . . . 42 7.1.4. The WebSocket Connection is Closed . . . . . . . . . . 42 7.1.5. The WebSocket Connection Close Code . . . . . . . . . 42 Fette & Melnikov Standards Track [Page 2]  RFC 6455 The WebSocket Protocol December 2011 7.1.6. The WebSocket Connection Close Reason . . . . . . . . 43 7.1.7. Fail the WebSocket Connection . . . . . . . . . . . . 43 7.2. Abnormal Closures . . . . . . . . . . . . . . . . . . . . 44 7.2.1. Client-Initiated Closure . . . . . . . . . . . . . . . 44 7.2.2. Server-Initiated Closure . . . . . . . . . . . . . . . 44 7.2.3. Recovering from Abnormal Closure . . . . . . . . . . . 44 7.3. Normal Closure of Connections . . . . . . . . . . . . . . 45 7.4. Status Codes . . . . . . . . . . . . . . . . . . . . . . . 45 7.4.1. Defined Status Codes . . . . . . . . . . . . . . . . . 45 7.4.2. Reserved Status Code Ranges . . . . . . . . . . . . . 47 8. Error Handling . . . . . . . . . . . . . . . . . . . . . . . . 48 8.1. Handling Errors in UTF-8-Encoded Data . . . . . . . . . . 48 9. Extensions . . . . . . . . . . . . . . . . . . . . . . . . . . 48 9.1. Negotiating Extensions . . . . . . . . . . . . . . . . . . 48 9.2. Known Extensions . . . . . . . . . . . . . . . . . . . . . 50 10. Security Considerations . . . . . . . . . . . . . . . . . . . 50 10.1. Non-Browser Clients . . . . . . . . . . . . . . . . . . . 50 10.2. Origin Considerations . . . . . . . . . . . . . . . . . . 50 10.3. Attacks On Infrastructure (Masking) . . . . . . . . . . . 51 10.4. Implementation-Specific Limits . . . . . . . . . . . . . . 52 10.5. WebSocket Client Authentication . . . . . . . . . . . . . 53 10.6. Connection Confidentiality and Integrity . . . . . . . . . 53 10.7. Handling of Invalid Data . . . . . . . . . . . . . . . . . 53 10.8. Use of SHA-1 by the WebSocket Handshake . . . . . . . . . 54 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 54 11.1. Registration of New URI Schemes . . . . . . . . . . . . . 54 11.1.1. Registration of "ws" Scheme . . . . . . . . . . . . . 54 11.1.2. Registration of "wss" Scheme . . . . . . . . . . . . . 55 11.2. Registration of the "WebSocket" HTTP Upgrade Keyword . . . 56 11.3. Registration of New HTTP Header Fields . . . . . . . . . . 57 11.3.1. Sec-WebSocket-Key . . . .