[Spice-devel] [PATCH spice ] Add support for clients connecting with the WebSocket protocol.
Daniel P. Berrange
berrange at redhat.com
Tue Nov 3 02:32:51 PST 2015
On Fri, Oct 30, 2015 at 03:52:56PM -0500, Jeremy White wrote:
> We do this by auto detecting the inbound http(s) 'GET' and probing
> for a well formulated WebSocket binary connection, such as used
> by the spice-html5 client. If detected, we implement a set of
> cover functions that abstract the read/write/writev functions,
> in a fashion similar to the SASL implemented.
I'm not really a huge fan of overloading two protocols on the
same socket in this way.
I'd be rather inclined to have a separate port open for the
websockets protocol, in the same way that QEMU does the VNC
server.
Admins should be able to choose which protocol is available
to their clients. For example, they might launch QEMU with
both protocols available, but only wish to make one of the
protocols available to the public internet. By overloading
both protocols on the same port, you prevent them from
being able todo this in firewall rules.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the Spice-devel
mailing list