Web sockets make ajax/CORS obsolete?

by

WebSockets will not make AJAX entirely obsolete and WebSockets can do cross-domain.

AJAX

AJAX mechanisms can be used with plain web servers. At its most basic level, AJAX is just a way for a web page to make an HTTP request. WebSockets is a much lower level protocol and requires a WebSockets server (either built into the webserver, standalone, or proxied from the webserver to a standalone server).

With WebSockets, the framing and payload is determined by the application. You could send HTML/XML/JSON back and forth between client and server, but you aren’t forced to. AJAX is HTTP. WebSockets has a HTTP friendly handshake, but WebSockets is not HTTP. WebSockets is a bi-directional protocol that is closer to raw sockets (intentionally so) than it is to HTTP. The WebSockets payload data is UTF-8 encoded in the current version of the standard but this is likely to be changed/extended in future versions.

So there will probably always be a place for AJAX type requests even in a world where all clients support WebSockets natively. WebSockets is trying to solve situations where AJAX is not capable or marginally capable (because WebSockets its bi-directional and much lower overhead). But WebSockets does not replace everything AJAX is used for.

Cross-Domain

Yes, WebSockets supports cross-domain. The initial handshake to setup the connection communicates origin policy information. The wikipedia page shows an example of a typical handshake: http://en.wikipedia.org/wiki/WebSockets

More Related Contents:

  1. CORS: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true
  2. What is the motivation behind the introduction of preflight CORS requests?
  3. Same origin Policy and CORS (Cross-origin resource sharing)
  4. What security risks exist when setting Access-Control-Allow-Origin to accept all domains?
  5. WebSockets protocol vs HTTP
  6. CORS issue while making an Ajax request for oauth2 access token
  7. Ajax vs Socket.io
  8. API Gateway CORS: no ‘Access-Control-Allow-Origin’ header
  9. Why use AJAX when WebSockets is available?
  10. Cross-Domain AJAX doesn’t send X-Requested-With header
  11. Access denied in IE 10 and 11 when ajax target is localhost
  12. $http.get is not allowed by Access-Control-Allow-Origin but $.ajax is
  13. Set-Cookie on Browser with Ajax Request via CORS
  14. Ajax call bug with Chrome new version 73.0.3683.75?
  15. Enable CORS in Golang
  16. How to establish a TCP Socket connection from a web browser (client side)?
  17. Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at
  18. Cross-Origin Request Blocked
  19. jQuery XML error ‘ No ‘Access-Control-Allow-Origin’ header is present on the requested resource.’
  20. Access-Control-Allow-Origin error sending a jQuery Post to Google API’s
  21. CORS error on same domain?
  22. Modify Address Bar URL in AJAX App to Match Current State
  23. Download a file from Servlet using Ajax
  24. How can I catch and process the data from the XHR responses using casperjs?
  25. What’s to stop malicious code from spoofing the “Origin” header to exploit CORS?
  26. How to integrate Ajax with Symfony2 [closed]
  27. Solve Cross Origin Resource Sharing with Flask
  28. How to Detect Cross Origin (CORS) Error vs. Other Types of Errors for XMLHttpRequest() in Javascript
  29. Ajax update and submission using h:commandButton
  30. CORS enabled but response for preflight has invalid HTTP status code 404 when POSTing JSON

Leave a Comment