Application Layer Protocol - Web Socket                           Home :





What is WebSocket ?


WebSocket sounds like "A special socket that is specially designed/optimized for Web Application". It sounds OK.. but what it really mean ? The official definition of WebSocket is defined in RFC 6455 as stated below.


The WebSocket Protocol enables two-way communication between a client running untrusted code in a controlled environment to a remote host that has opted-in to communications from that code. The security model used for this is the origin-based security model commonly used  by web browsers.  The protocol consists of an opening handshake  followed by basic message framing, layered over TCP.  The goal of this technology is to provide a mechanism for browser-based applications that need two-way communication with servers that does not rely on opening multiple HTTP connections (e.g., using XMLHttpRequest or <iframe>s and long polling).


Whenever I try to clearly understand anything from RFC, I almost always have to rewrite things on my own format / words, otherwise it tend to be very confusing. Let me rewrite this statement from RFC document. It goes as follows.

  • WebSocket is a kind of two-way communication between a client and a remote host
  • The client is running untrusted code in a controlled environment and the remote host has opted-in to communication from that code.
  • WebSocket uses the origin-based security model
  • WebSocket protocol is layered over TCP
  • Overal protocol sequence of WebSocket is
    • Opening Handshake
    • Basic Message Framing
  • The WebSocket Protocol is an independent TCP-based protocol.  Its only relationship to HTTP is that its handshake is interpreted by HTTP servers as an Upgrade request (RFC 6455 1.7.  Relationship to TCP and HTTP)



Opening Handshake






Client --> Server

GET /protocol HTTP/1.1 (Host url etc)


Client <-- Server

HTTP/1.1 101 Switching Protocols


(1) GET /protocol HTTP/1.1 (Host url etc)


GET /mqtt HTTP/1.1


Connection: Upgrade

Pragma: no-cache

Cache-Control: no-cache

Upgrade: websocket


Sec-WebSocket-Version: 13

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36

Accept-Encoding: gzip, deflate, sdch

Accept-Language: en-US,en;q=0.8

Sec-WebSocket-Key: OfMWmQZlMFBWe/o7k1CzZg==

Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Sec-WebSocket-Protocol: mqttv3.1


(2) HTTP/1.1 101 Switching Protocols


HTTP/1.1 101 Switching Protocols

Upgrade: websocket

Connection: Upgrade

Sec-WebSocket-Accept: PqfV+Vb3mDtpMlZ/bO+GBzyX4N8=

Sec-WebSocket-Protocol: mqttv3.1