Closed
Bug 433767
Opened 17 years ago
Closed 17 years ago
XMPP: Get HTTP polling transport working over HTTPS
Categories
(Cloud Services :: General, enhancement, P1)
Cloud Services
General
Tracking
(Not tracked)
RESOLVED
FIXED
0.2
People
(Reporter: jono, Unassigned)
References
Details
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9b5) Gecko/2008032619 Firefox/3.0b5
Build Identifier:
Our XMPP component needs encryption. With the HTTP Polling transport that we use, we shouldn't have to implement the SSL negotiation -- it should be happening at a lower level, on the HTTP connection.
I need to set up a test where the HTTP polling is done across an HTTPS connection. If everything works, then great! We've got SSL for free. If not, then I need to figure out why, and what I need to do to get it working.
Reproducible: Always
|
||
Comment 1•17 years ago
|
||
To be clear, we should only ever be using HTTPS for transport for user-data.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P1
Target Milestone: -- → 0.2
|
|
||
Updated•17 years ago
|
|
||
Comment 2•17 years ago
|
||
What is the reason for choosing HTTP polling? Does it have _any_ advantages over HTTP binding (XEP-0124 & XEP-0206)?
|
||
Comment 3•17 years ago
|
||
As I understand it, yes: it is easier to implement, and can be implemented with XHRs.
|
|
||
Comment 4•17 years ago
|
||
HTTP binding is also implemented with XMLHttpRequests. Libraries exist which make it easy on the client side (JSJaC, Xmpp4Js).
HTTP binding will also put less pressure on the server than HTTP polling (except if you poll very rarely, like once every 4-5 minutes). That's especially true with HTTPS connections, which are particularly heavy for the server. And of course, with HTTP binding you get much better responsiveness.
So even if Weave employs HTTP polling for now, perhaps you should leave a door open for easy switching to HTTP binding in the future.
|
|
||
Comment 5•17 years ago
|
||
Absolutely, we do not intend to use HTTP polling forever. We just want something that we can quickly set up and demo. We're aware of the server load problems, we'll tone down the polling frequency to make it viable.
Both of those libraries look interesting, though they are not MPL. We may be able to use LGPL libraries, I'm not sure.
|
||
Comment 6•17 years ago
|
||
I talked to the author of JSJaC last week, and he said he'd relicense MPL. Beforehand, I did some interop testing: polling and BOSH both work fine with eJabberd.
|
|
||
Comment 7•17 years ago
|
||
License changed:
http://zeank.in-berlin.de/2008/06/17/changed-licensing-of-jsjac/
(thanks Stefan!)
|
|
||
Comment 8•17 years ago
|
||
thanks all. we're going to run with our chrome xmpp implementation for 0.2 and do another review for 0.3. jono will work to get the client and ejabberd setup working over https.
Anant set up a proxy to forward from https://sm-labs01.mozilla.org:81/xmpp to the url that ejabberd listens on, http://sm-labs01.mozilla.org:5280/http-poll. I pointed the client at that URL and everything works (the underlying XmlHttpRequest object knows how to engage SSL).
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
|
||
Updated•16 years ago
|
Component: Weave → General
Product: Mozilla Labs → Weave
|
||
Updated•16 years ago
|
QA Contact: weave → general
You need to log in
before you can comment on or make changes to this bug.
Description
•