WebSockets
A separate TCP-based protocol from HTTP. WebSockets provide simultaneous communications from the client and the server (full-duplex--like a telephone). You get real-time data transfer with low overhead because a connection is kept active and headers do not need to be sent for each request and response. TLS-encrypted connections are available (analogous to HTTPS).
The handshake
The client will send a WebSocket request, which is interpreted by HTTP as an upgrade request. Once a connection is established, HTTP is no longer used--the WebSocket protocol is used.
Ex client request:
GET /chat HTTP/1.1
Host: server.example.com
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Key: x3JJHMbDL1EzLkh9GBhXDw==
Sec-WebSocket-Protocol: chat, superchat
Sec-WebSocket-Version: 13
Origin: http://example.com
Ex server response:
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: HSmrc0sMlYUkAGmm5OPpG2HaGWk=
Sec-WebSocket-Protocol: chat
The Sec-WebSocket-Key header is sent by the server, and the Sec-WebSocket-Accept header is a hash of they key, which is intended to prevent a caching proxy from re-sending a previous conversation. It does not provide any authentication, privacy, or integrity.
Subsequent messages after the connection is established are framed minimally, with small headers. Messages can be split across several data frames (as when the initial data is available but complete message length is unknown).