What is the difference between a socket and a websocket?
I realized that a socket is roughly speaking a socket-interface (as the parameters of the computer's IP and port), which is created by the program, through which another computer can connect to it by writing the same address and port. And then the web sockets loomed. What is the difference between them?
2 answers
A web socket is just a wrapper around regular TCP sockets (although I suspect there could theoretically be one around anything that might look like a socket). The difference from regular sockets is that the exchange protocol is standardized (but there are several standards) and the exchange is very similar to regular HTTP. Also, browsers can do it out of the box (not all true). And also websockets help with security and other buns.
Why is this necessary? it's simple. People on the modern Web they want chats, push notifications, and regular http is unidirectional and they have to constantly knock on the server. It is difficult to add regular sockets in JavaScript (we will not say why), so we made a beautiful wrapper.
Socket is really a programming interface. This is an abstract concept that, in most cases, is used to communicate programs on the network (but not only).
WebSocket is a protocol (some pre-defined order) for data exchange (such as http, ftp, ssl, etc.). This protocol goes over (transmitted via) the TCP protocol.
Socket and WebSocket are different concepts in in principle. When using the WebSocket protocol, you will use regular sockets for the connection. As well as when working with other protocols, sockets will be used (and for working with http, ftp, etc.).
For example, consider a string like-ws:/ / 127.0.0.1: 15000. In it, ws is an indication that the WebSocket protocol will be used for data exchange. 127.0.0.1 is the ip address of the computer, 15000 is the port to which the connection is made. So 127.0.0.1:15000 - this pair, if you can say so, and is a socket.
The WebSocket protocol was created in order to support long-term continuous connections between the browser (which is the client) and the website (which is the server).
The WebSocket protocol is not like HTTP. The only thing that it resembles HTTP is only the very first connection request (the so-called handshake). This was done because the protocol was originally designed to work in and it was necessary to determine the possibility of supporting it. Once the connection is established, there is nothing even close to the HTTP protocol in the WebSocket protocol.
The WebSocket protocol itself does not guarantee any security for the transmitted data. The minimum encoding that it provides is a banal XOR (XOR). In this case, the mask for the xorc is passed along with the message. And this xork is intended for transmitting data through proxy servers that are nothing they don't know about the WebSocket protocol. It's not protecting your data - it's protecting the proxy server. And in the opposite direction (from the site to the browser), the data is not encoded by xorka, because there is no need.
It is the absence of any bells and whistles in the WebSocket protocol that gives it the ability to work quickly.