|
|
|
|
|
|
by mbrubeck
6024 days ago
|
|
|
This is a way for servers to opt in and tell the client to allow cross-domain requests, just like crossdomain.xml or CORS. I haven't tried it myself with web sockets yet, but I've done some experiments with XHR+CORS (almost the same protocol, except for different names of the response headers) and it does work cross-origin on recent Gecko and WebKit browsers. UPDATE: Ran a quick test using the current Google Chrome beta for Linux and standalone.py from Google's mod_websocket, and successfully opened a cross-origin WebSocket connection, just as described in the spec. mod_websocket will authorize requests from any origin by default; there's a sample handler included that shows how to reject cross-origin requests on the server. |
|
|