WebSocket Cheatsheet
Table of Contents
- Introduction to WebSockets
- WebSocket Handshake
- WebSocket Protocol
- WebSocket API
- Server-Side Implementation
- Client-Side Implementation
- WebSocket Events
- WebSocket Methods
- WebSocket States
- Error Handling
- Security Considerations
- Scaling WebSockets
- Best Practices
- Tools and Libraries
Introduction to WebSockets
WebSocket is a protocol that enables full-duplex, bidirectional communication between a client and a server over a single TCP connection. It's designed for real-time, event-driven applications such as chat systems, live updates, and gaming.
WebSocket Handshake
The WebSocket connection starts with an HTTP upgrade request:
GET /chat HTTP/1.1
Host: server.example.com
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
Origin: http://example.com
Sec-WebSocket-Protocol: chat, superchat
Sec-WebSocket-Version: 13
Server response:
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
Sec-WebSocket-Protocol: chat
WebSocket Protocol
- Uses
ws://orwss://(for secure WebSocket) URL scheme - Supports text and binary data frames
- Includes a ping/pong mechanism for keeping connections alive
WebSocket API
The WebSocket API provides a simple interface for creating and managing WebSocket connections.
const socket = new WebSocket('ws://example.com/socketserver');
Server-Side Implementation
Example using Node.js and the ws library:
const WebSocket = require('ws');
const wss = new WebSocket.Server({ port: 8080 });
wss.on('connection', function connection(ws) {
ws.on('message', function incoming(message) {
console.log('received: %s', message);
});
ws.send('Welcome to the WebSocket server!');
});
Client-Side Implementation
const socket = new WebSocket('ws://localhost:8080');
socket.addEventListener('open', function (event) {
socket.send('Hello Server!');
});
socket.addEventListener('message', function (event) {
console.log('Message from server:', event.data);
});
WebSocket Events
open: Fired when the connection is establishedmessage: Fired when data is receivederror: Fired when an error occursclose: Fired when the connection is closed
socket.addEventListener('open', (event) => {
console.log('WebSocket connection opened');
});
socket.addEventListener('message', (event) => {
console.log('Received message:', event.data);
});
socket.addEventListener('error', (event) => {
console.error('WebSocket error:', event);
});
socket.addEventListener('close', (event) => {
console.log('WebSocket connection closed');
});
WebSocket Methods
send(): Sends data through the WebSocket connectionclose(): Closes the WebSocket connection
// Sending data
socket.send('Hello, server!');
// Closing the connection
socket.close();
WebSocket States
The readyState property indicates the state of the WebSocket connection:
WebSocket.CONNECTING(0): The connection is not yet openWebSocket.OPEN(1): The connection is open and ready to communicateWebSocket.CLOSING(2): The connection is in the process of closingWebSocket.CLOSED(3): The connection is closed or couldn't be opened
if (socket.readyState === WebSocket.OPEN) {
socket.send('Data');
}
Error Handling
socket.addEventListener('error', (error) => {
console.error('WebSocket Error:', error);
});
// Handling specific errors
socket.addEventListener('close', (event) => {
if (event.code === 1006) {
console.error('Connection closed abnormally');
}
});
Security Considerations
- Use WSS (WebSocket Secure) for encrypted connections
- Validate and sanitize all incoming messages
- Implement proper authentication and authorization
- Protect against cross-site WebSocket hijacking (CSWSH)
- Set appropriate timeouts and implement reconnection strategies
const socket = new WebSocket('wss://secure.example.com');
Scaling WebSockets
- Use a load balancer with WebSocket support
- Implement a pub/sub system (e.g., Redis) for distributing messages across multiple server instances
- Consider using WebSocket clustering solutions
- Optimize message size and frequency
- Implement proper connection management and cleanup
Best Practices
- Use a heartbeat mechanism to keep connections alive
- Implement reconnection logic on the client side
- Handle connection errors and timeouts gracefully
- Use binary data for large payloads or when performance is critical
- Implement proper error handling and logging
- Use sub-protocols to define specific communication patterns
- Optimize for mobile devices (consider battery life and data usage)
- Implement rate limiting to prevent abuse
- Use compression for large text payloads
- Properly close WebSocket connections when they're no longer needed
Example heartbeat implementation:
// Client-side
function heartbeat() {
if (socket.readyState === WebSocket.OPEN) {
socket.send('__ping__');
setTimeout(heartbeat, 30000);
}
}
socket.addEventListener('open', heartbeat);
socket.addEventListener('message', (event) => {
if (event.data === '__pong__') {
console.log('Received pong');
} else {
console.log('Received:', event.data);
}
});
// Server-side
wss.on('connection', (ws) => {
ws.isAlive = true;
ws.on('pong', () => {
ws.isAlive = true;
});
ws.on('message', (message) => {
if (message === '__ping__') {
ws.send('__pong__');
}
});
});
setInterval(() => {
wss.clients.forEach((ws) => {
if (!ws.isAlive) return ws.terminate();
ws.isAlive = false;
ws.ping();
});
}, 30000);
Tools and Libraries
- Socket.IO: Provides real-time bidirectional event-based communication
- ws: A simple WebSocket client and server implementation for Node.js
- WebSocket-Node: A WebSocket client and server implementation in Node.js
- SockJS: Provides a WebSocket-like object for JavaScript
- Pusher: Hosted WebSocket infrastructure
- SignalR: Real-time ASP.NET library (supports WebSockets)
- websockets: WebSocket client and server library for Python
- Gorilla WebSocket: WebSocket implementation for Go
- Faye: Simple pub/sub messaging for web and Node.js applications
- µWebSockets: Highly scalable WebSocket server and client implementation in C++
2024 © All rights reserved - buraxta.com