Why do browsers block some ports?

Question

I\'m playing around with websockets and it appears, that all browsers with native websocket support I tested with (Safari, Chrome) block some ports. If I try to connect to m

Answer 1

Okay, I found the answer. Sometimes you just don't see the forest for the trees.

First off, handling cases of blocked ports is trivial. A simple try/catch does the trick. I was simply confused by the way Chrome displayed that exception and didn't recognize it as such right away (I usually use Firefox).

Secondly, the WebSockets API Specification explicitly states that

If port is a port to which the user agent is configured to block access, then throw a SECURITY_ERR exception. (User agents typically block access to well-known ports like SMTP.)

What ports exactly are meant by that appears to be up to the browser's Websocket implementation. My tests have shown that Chrome and Safari block the following ports (only ports below 1024 were tested):

• 1: TCPMUX
• 7: Echo Protocol
• 9: Discard Protocol
• 11: systat service
• 13: Daytime Protocol
• 15: Netstat service
• 17: Quote of the Day
• 19: Character Generator Protocol
• 20: FTP
• 21: FTP
• 22: SSH
• 23: Telnet
• 25: SMTP
• 37: TIME protocol
• 42: nameserver/WINS
• 43: WHOIS
• 53: DNS
• 77: RJE Service
• 79: Finger
• 87: link
• 95: supdup
• 101: NIC host name
• 102: ISO-TSAP
• 103: gppitnp
• 104: ACR/NEMA
• 109: POP2
• 110: POP3
• 111: SunRPC
• 113: ident
• 115: SFTP
• 117: UUCP Path Service
• 119: NNTP
• 123: NTP
• 135: Microsoft EPMAP
• 139: NetBIOS Session Service
• 143: IMAP
• 179: BGP
• 389: LDAP
• 465: Cisco protocol
• 512: comsat
• 513: rlogin
• 514: Syslog
• 515: Line Printer Daemon
• 526: tempo
• 530: RPC
• 531: IRC
• 532: netnews
• 540: UUCP
• 556: RFS
• 563: NNTPS
• 587: SMTP
• 601: unknown
• 636: LDAPS
• 993: IMAPS
• 995: POP3S

The associated services are taken from the list of TCP and UDP port numbers on Wikipeda.