WebSockets allow for bi-directional, full-duplex commication between a client and a server. So instead of the client having to issue a request to the server and wait for a response, the client and server can each send data over the line at any time. The way this works is first the client initiates a handshake. The server receives that handshake message and replies with its own message. That’s it. Once the handshake is complete, data can be sent at anytime. This saves a ton of overhead. More info here.

Now to build a proof of concept. I started out with Oliver Mezquita Prieto’s post which is written using the hixie-76 protocol. The source contains two projects, a WebSocket server and a WebSocket client. The server is a windows console application in C# and the client is HTML and javascript.

There were two major differences between the hixie-76 protocol and the more current RFC 6455 version that Chrome 16 uses.

1. Handshake
2. Data Framing

The Handshake
Chrome 16 sends the server a handshake that looks like this.

[0]: “GET /test HTTP/1.1″
[1]: “Upgrade: websocket”
[2]: “Connection: Upgrade”
[3]: “Host: localhost:8181″
[4]: “Origin: http://localhost:8080″
[5]: “Sec-WebSocket-Key: 3d+7Mq6H6kr1PhIho1cGMA==”
[6]: “Sec-WebSocket-Version: 13″
[7]:

The server needs to take the Sec-WebSocket-Key and translate this key in its response. The steps are:

1. Concatenate the “magic” GUID “258EAFA5-E914-47DA-95CA-C5AB0DC85B11″ to the given key. This results in “3d+7Mq6H6kr1PhIho1cGMA==258EAFA5-E914-47DA-95CA-C5AB0DC85B11″.
2. Compute the SHA1 hash.

The function is

public String ComputeWebSocketHandshakeSecurityHash09(String secWebSocketKey)
{
    const String MagicKEY = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
    String secWebSocketAccept = String.Empty;

    // 1. Combine the request Sec-WebSocket-Key with magic key.
    String ret = secWebSocketKey + MagicKEY;

    // 2. Compute the SHA1 hash
    SHA1 sha = new SHA1CryptoServiceProvider();
    byte[] sha1Hash = sha.ComputeHash(Encoding.UTF8.GetBytes(ret));

    // 3. Base64 encode the hash
    secWebSocketAccept = Convert.ToBase64String(sha1Hash);

    return secWebSocketAccept;
}

This must be sent to the client as “Sec-WebSocket-Accept”.

string line = ClientHandshakeLines.FirstOrDefault(l => l.Contains("Sec-WebSocket-Key:"));
if (!string.IsNullOrEmpty(line))
{
    Handshake = "HTTP/1.1 101 Switching Protocols" + Environment.NewLine;
    Handshake += "Upgrade: websocket" + Environment.NewLine;
    Handshake += "Connection: Upgrade" + Environment.NewLine;
    Handshake += "Sec-WebSocket-Accept: "; 
    Handshake += ComputeWebSocketHandshakeSecurityHash09(line.Substring(line.IndexOf(":") + 2));
    Handshake += Environment.NewLine;
    Handshake += Environment.NewLine;
}

The final response looks like this. Something important to mention is that each header line must end with \r\n (carriage return + line feed or ASCII 13 followed by ASCII 10). The last header must be followed by an additional \r\n (making that two) to indicate the end of the message.

[0]: “HTTP/1.1 101 Switching Protocols”
[1]: “Upgrade: websocket”
[2]: “Connection: Upgrade”
[3]: “WebSocket-Origin: http://localhost:8080″
[4]: “WebSocket-Location: ws://localhost:8181/test”
[5]: “Sec-WebSocket-Accept: btX/LN887VqIxyneBXdiC+9z1MA=”
[6]:
[7]:

Data Framing
Once the handshake is complete, the client and server can send messages at any time. Every message sent from the client to the server or the server to the client must include information that will allow the recipient to parse the data. The following figure shows the high level overview of formatting required.

      0                   1                   2                   3
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-------+-+-------------+-------------------------------+
     |F|R|R|R| opcode|M| Payload len |    Extended payload length    |
     |I|S|S|S|  (4)  |A|     (7)     |             (16/63)           |
     |N|V|V|V|       |S|             |   (if payload len==126/127)   |
     | |1|2|3|       |K|             |                               |
     +-+-+-+-+-------+-+-------------+ - - - - - - - - - - - - - - - +
     |     Extended payload length continued, if payload len == 127  |
     + - - - - - - - - - - - - - - - +-------------------------------+
     |                               |Masking-key, if MASK set to 1  |
     +-------------------------------+-------------------------------+
     | Masking-key (continued)       |          Payload Data         |
     +-------------------------------- - - - - - - - - - - - - - - - +
     :                     Payload Data continued ...                :
     + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
     |                     Payload Data continued ...                |
     +---------------------------------------------------------------+

The important fields to mention here are

• opcode – indicates the type of data in the message. In our example, 0001 indicates text.
• mask – indicates whether the data is masked. As far as I can tell, this is required and should always be 1.
• Payload len – length of the message if it is under 126. If the length is 126 or greater, then the Extended payload lengths much be used. In our example, we will force the length to be under 126 and not worry about the Extended payload length.
• Masking-key – Randomly generated bytes used to mask the payload data for security.
• Payload Data – masked message.

Here is the function for encoding a text message.

public byte[] HybiEncode(string message)
{
    if (message.Length > 125)
    {
        message = message.Substring(0, 125);
    }

    byte[] payload = Encoding.UTF8.GetBytes(message);
    List<int> frameHead = new List<int>();
    int payloadLength = payload.Length;
    
    frameHead.Add(129); // 1000 0001 FIN and opcode of text
    frameHead.Add(payloadLength + 128); // 128 for masking

    Random random = new Random();
    List<int> mask = new List<int>();
    for(int i = 0; i < 4; i++)
    {
        mask.Add(random.Next(0, 255));
    }
    frameHead.AddRange(mask);

    for (int i = 0; i < payloadLength; i++)
    {
        frameHead.Add(payload[i] ^ mask[i % 4]);
    }

    return frameHead.Select(e => (byte)e).ToArray();
}

Messages received from the client will also be encoded this way and will need to be decoded.

public string HybiDecode(byte[] data)
{
    byte firstByte = data[0];
    byte secondByte = data[1];
    int opcode = firstByte & 0x0F;
    bool isMasked = ((firstByte & 128) == 128);
    int payloadLength = secondByte & 0x7F;

    if (!isMasked) { return null; } // not masked
    if (opcode != 1) { return null; } // not text

    List<int> mask = new List<int>();
    for (int i = 2; i < 6; i++)
    {
        mask.Add(data[i]);
    }
    int payloadOffset = 6;
    int dataLength = payloadLength + payloadOffset;

    List<int> unmaskedPayload = new List<int>();
    for (int i = payloadOffset; i < dataLength; i++)
    {
        int j = i - payloadOffset;
        unmaskedPayload.Add(data[i] ^ mask[j % 4]);
    }

    return ToAscii(unmaskedPayload.Select(e => (byte)e).ToArray());
}

public string ToAscii(byte[] data)
{
    System.Text.ASCIIEncoding decoder = new System.Text.ASCIIEncoding();
    return decoder.GetString(data, 0, data.Length);
}

Resources
- http://www.undisciplinedbytes.com/2010/06/html-5-c-web-sockets-server-and-asp-net-client-implementation/
- http://www.codeproject.com/KB/HTML/Web-Socket-in-Essence.aspx
- http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-10#page-15
- https://github.com/lemmingzshadow/php-websocket/blob/master/server/lib/WebSocket/Connection.php
- http://stackoverflow.com/questions/7040078/how-to-deconstruct-data-frames-in-websockets-hybi-08

0 comments , permalink

Our base SharePoint 2010 Publishing master page calls a JavaScript function that does things such as:

• Initialize jQuery plugins
• Configure some top-navigation tweaks
• Miscellaneous items such as setting the date in the copyright footer
• Initialize Google Analytics

We call this function right before the end of the head section of the master page. The contents of the JavaScript function are enclosed in a jQuery $(document).ready block, meaning that the function will run after the DOM is ready.

A drawback to this approach is that JavaScript that manipulate elements on the screen only executes after the DOM is ready. This isn’t a great user experience because the user can see the “jumpiness” on screen as the script executes.

I ran this by our resident web ninja Jacob Gable and he suggested breaking up the JavaScript function into smaller chunks and calling those chunks directly after the HTML content that they affect; for example:

<div id="footer">
    <span id="footer-year"></span>&nbsp;All rights reserved.
    <script type="text/javascript">
        SetCopyrightDate();
    </script>
</div>

where SetCopyrightDate uses jQuery to set the date to the current year:

function SetCopyrightDate()
{
    var today = new Date();
    var yr = today.getFullYear();
    $("#footer-year").text("© " + yr);
}

This is pretty obvious in retrospect; your JavaScript can be sprinkled throughout the page as needed. People are scared away by this, wanting to have a super-clean master page.

However, in this case, pulling out some JavaScript functionality into separate functions and calling them from the master page does the trick.

The remaining JavaScript can stay in a global function and run in a $(document).ready block; for us, all this does now is initialize jQuery plugins we’re using throughout the site.

1 comment , permalink

Many ASP.NET applications utilize the System.Web.Caching.Cache in some way. While it offers a pretty simple Dictionary-like API that your app can start using immediately, I typically create a combined “tell-don’t-ask” wrapper around it – which has some additional architectural benefits as well.

1. Ugly, non-generic casting
2. Manual null checks
3. Duplicating the string for the key
4. Lots of implementation details sprinkled around
5. No out of box way to scope the cache. For example, cache a unique copy of the item for each User

public ActionResult Bad()
{
    var firstVisit = HttpContext.Cache.Get("FirstVisit") as DateTime?;
    if(firstVisit == null)
    {
        firstVisit = DateTime.Now;
        HttpContext.Cache.Insert("FirstVisit", firstVisit, null, DateTime.Now.AddMinutes(1), TimeSpan.Zero);
    }

    return View("Index", firstVisit.Value);
}

A simple ICache/HttpCache wrapper

The wrapper I create is used below. It’s nothing revolutionary, but does try to cut down on the redundancy, while adding a few features as well. The following code functions exactly the same as the code above.

public ActionResult Index()
{
    var firstVisit = _cache.Get(CacheScope.User, "FirstVisit", TimeSpan.FromMinutes(1), () => DateTime.Now);
    return View(firstVisit);
}

The three biggest changes are:

1. Implicit generic casting (the Get() method is automatically returning a nice, typed DateTime object because the Func<T> at the end became a Func<DateTime>)
2. Tell-don’t-ask. Instead of asking the cache if it already contains something by checking for null, then creating and adding the new item into the cache, I’d rather just combine these 2 functions and have the cache figure out what it needs to do. The last method parameter is a Func<T> which will be invoked if the item is not already in the cache.
3. Added a CacheScope which allows the developer to cache something application-wide, or for each user individually.

Architectural advantages

Aside from these API usage changes we also get 2 big architectural advantages:

1. The application can rely on a new ICache interface, which means you can access the cache from a lower, non-web layer without having to reference System.Web
2. The provided implementation of ICache is an HttpCache, which by default uses HttpContext.Current, but provides a nice testability hook to plug in your own mocked HttpContextBase if you want to do some integration testing

Going the extra mile

You may notice that our controller still has intimate knowledge of our caching strategy: duration, scope, the string-based key, etc. This code-duplication lightning-rod could easily be copy-pasted around. One possible way to solve this would be to create something like the following AppCache.

A central AppCache

/// <summary>
/// This class demonstrates fully abstracting the details of your caching strategy and could serve as the single entry point for cached data
/// </summary>
public static class AppCache
{
    public static ICache InternalCache = new HttpCache();

    public static DateTime UsersFirstVisit = InternalCache.Get(CacheScope.User, "FirstVisit", TimeSpan.FromMinutes(1), () => DateTime.Now);
}

Usage in a Controller

public ActionResult FullyAbstracted()
{
    var firstVisit = AppCache.UsersFirstVisit;
    return View("Index", firstVisit);
}

Now we are completely free to change the caching strategy of our application in a single place.

Get the Code

Rather than pasting the full source here, I will be publishing it along with a sample project at http://mvcgrabbag.codeplex.com

Browse the HttpCache code, MvcGrabBag.Web/Caching folder

0 comments , permalink