This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Sec-WebSocket-Protocol in websocket handshake response

  • 1 reply
  • 1 has this problem
  • 2 views
  • Last reply by Gerd

more options

In Chrome when I make a websocket handshake, if in the request, the "Sec-WebSocket-Protocol" header is specified, then the response from server must also has this header, if not, chrome will not allow to make the connection But in Firefox, the response does not need to have the header. Why Firefox allow this?

Regards, ManLM

In Chrome when I make a websocket handshake, if in the request, the "Sec-WebSocket-Protocol" header is specified, then the response from server must also has this header, if not, chrome will not allow to make the connection But in Firefox, the response does not need to have the header. Why Firefox allow this? Regards, ManLM

All Replies (1)

more options

It is possible that this is a non-standard header (that is therefor not implemented in FF), or that Firefox' security policies are not as strict.

Most likely this shouldn't cause any problems.