cookiesnode.jswebsocket

How to send cookies when connecting to socket.io via WebSockets?


Is there a way to easily pass an authentication cookie when handshaking a WebSocket connection to socket.io? I currently have to do it separately, like so:

socket = new io.Socket(document.location.hostname);
socket.addEvent("connect", function()
{
    // Send PHP session ID, which will be used to authenticate
    var sessid = readCookie("PHPSESSID");
    this.send("{'action':'authenticate','sessionid':'"+sessid+"'}");
});

Solution

  • WebSockets do have support for cookies since they are based on HTTP, but a quick browse through the source of Socket.IO revealed that there is no support for this built in.

    So using cookies directly is not a feasible solution in this case, also, since you're using Socket.IO, it's not guaranteed that users will actually connect via a WebSocket.

    In the case that a connection uses a flash socket, it's really hard to make Flash send the Browser's cookies instead of it's own set, so even if you would send a cookie directly, it wouldn't get set in the Browser in case of a flask socket connection.

    Currently there's no support for this built into Socket.IO, so flash sockets will just fail.

    You can read about that in this issue, and here's a question about the flash cookie problem.

    Best solution is still to make it part of your own protocol.