Hello Friends,
I am in development of a web application that uses the new ColdFusion HTML5 websockets technology. I recently upgraded my MacBook Pro to Chrome30 from 29 and, what do you know, the websockets magically stopped working! After Google-ing for some context on the issue, it appears that Google has made changes to the way they implement the Sec-WebSocket-Protocol parameter negotiated during the socket setup. It turns out that the client (ColdFusion's Tag in JS) is sending the 'GET /cfusion HTTP/1.1' request with the Sec-WebSocket-Protocol key, which complies with the optional parameter defined in RFC6455. However, when the server responds back to the client with the '...Switching Protocols' response, it is passing back 'WebSocket-Protocol.' All of the other paramaters do include the 'Sec-' prefix, which does adhere to the RFC.
From what I have read, the failure, "WebSocket connection to ws://localhost:8585/cfusion' failed: Error during WebSocket handshake: Sec-WebSocket-Protocol mismatch"is either a result of either two things: 1) Chrome is no longer following the RFC6455 4.2.2 standard, or 2). They are now adhering strictly to the RFC and the ColdFusion server's non-compliance of the parameter is breaking the handshake.
I have read that some developers whom are implementing WS on Node.js and PHP, are completely removing the Sec-WebSocket-Protocol from the header to solve the problem. Luckily, I am still in development and have not experienced an outage because of the mixup. I have reported the issue to the Bug Tracking system, ID: 3645217.
If you have also run into the issue, please make a note on the bug to help escalate to our friends at Adobe. They are working hard to make ColdFusion one of the best server-side technolgies around, but we need to get their attention on this one as it is a non-starter, web-socket killer!
Regards,
Matt Bram
Message was edited by: mbram - Added link to bug.