Hacker News new | ask | show | jobs
by jand 536 days ago
> ... because you cannot attach an Authorization: Bearer header to a websocket.

Well, not properly. You can abuse the Sec-Websocket-Protocol header to pass an initial token to the server.
1 comments
Thorrez 535 days ago
:) I have in fact done that.
link