问题
about websocket protocal ,you can read the detail from here,http://tools.ietf.org/html/rfc6455#section-5.3
in the mask section ,it said:
The masking key is a 32-bit value chosen at random by the client.
When preparing a masked frame, the client MUST pick a fresh masking
key from the set of allowed 32-bit values. The masking key needs to
be unpredictable; thus, the masking key MUST be derived from a strong source of entropy, and the masking key for a given frame MUST NOT
make it simple for a server/proxy to predict the masking key for a
subsequent frame. The unpredictability of the masking key is
essential to prevent authors of malicious applications from selecting the bytes that appear on the wire. RFC 4086 [RFC4086] discusses what entails a suitable source of entropy for security-sensitive
applications.
i don't get why must the mask key be unpredictable ,not to mention is the mask really be necessary here?since you send it every time ,the sniffer can get it and easily decrypt it.the only useful thing i could think is it's made the playload data unreadable for human in the first place,and take more time for server to handle a receive
回答1:
It's not about security for the payload data it's to make it impossible for the sender of the data to be able to predict the actual bytes that appear on the wire.
Masking of WebSocket traffic from client to server is required because of the unlikely chance that malicious code could cause some broken proxies to do the wrong thing and use this as an attack of some kind. Nobody has proved that this could actually happen, but since the fact that it could happen was reason enough for browser vendors to get twitchy, masking was added to remove the possibility of it being used as an attack.
The idea being that since the API level code generating the WebSocket frame gets to select a masking key and mask the data supplied by the application code the application code cannot in any meaningful way dictate the data that ends up passing through the potentially broken intermediaries and therefore can't cause trouble. Since the masking key is in the frame intermediaries can be written to understand and unmask the data to perform some form of clever inspection if they want to.
This also explains the lack of masking from server to client... I wrote more about this on my blog, here.
来源:https://stackoverflow.com/questions/18286936/about-websockets-mask-field