Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
simple to use, blazing fast and thoroughly tested websocket client, server and console for node.js, up-to-date against RFC-6455
The 'ws' npm package is a simple to use, fast, and thoroughly tested WebSocket client and server implementation. It provides the necessary tools to build real-time applications with WebSocket support in Node.js.
Creating a WebSocket server
This code sample demonstrates how to create a WebSocket server that listens on port 8080. When a client connects, it sets up an event listener for messages and logs them. It also sends a message 'something' to the client.
const WebSocket = require('ws');
const wss = new WebSocket.Server({ port: 8080 });
wss.on('connection', function connection(ws) {
ws.on('message', function incoming(message) {
console.log('received: %s', message);
});
ws.send('something');
});
Creating a WebSocket client
This code sample shows how to create a WebSocket client that connects to a WebSocket server. Once the connection is open, it sends a message 'something' to the server and logs any messages received from the server.
const WebSocket = require('ws');
const ws = new WebSocket('ws://www.host.com/path');
ws.on('open', function open() {
ws.send('something');
});
ws.on('message', function incoming(data) {
console.log(data);
});
Broadcasting to all clients
This code sample illustrates how to broadcast a message to all connected clients except the sender. It loops through all clients and sends the message if the client is not the sender and the connection is open.
const WebSocket = require('ws');
const wss = new WebSocket.Server({ port: 8080 });
wss.on('connection', function connection(ws) {
ws.on('message', function incoming(data) {
wss.clients.forEach(function each(client) {
if (client !== ws && client.readyState === WebSocket.OPEN) {
client.send(data);
}
});
});
});
Socket.IO is a library that enables real-time, bidirectional and event-based communication between web clients and servers. It's more feature-rich than 'ws', providing built-in support for broadcasting to multiple sockets, handling reconnection, and other high-level features. However, it's also heavier and less minimalistic than 'ws'.
Faye is a WebSocket (and EventSource) implementation that is designed for ease of use and compatibility across a wide range of browsers. It's similar to 'ws' but also works in client-side JavaScript, unlike 'ws' which is Node.js only.
The 'websocket' package provides both client and server implementations of the WebSocket protocol. It offers a similar API to 'ws' but also includes a fallback option for older browsers that do not support WebSockets, using Flash sockets or other transport protocols.
ws
is a simple to use WebSocket implementation, up-to-date against RFC-6455,
and probably the fastest WebSocket library for node.js.
Passes the quite extensive Autobahn test suite. See http://websockets.github.com/ws for the full reports.
disableHixie
option to true.)protocolVersion: 8
)protocolVersion: 13
)npm install --save ws
There are 2 optional modules that can be installed along side with the ws
module. These modules are binary addons which improve certain operations, but as
they are binary addons they require compilation which can fail if no c++
compiler is installed on the host system.
npm install --save bufferutil
: Improves internal buffer operations which
allows for faster processing of masked WebSocket frames and general buffer
operations.npm install --save utf-8-validate
: The specification requires validation of
invalid UTF-8 chars, some of these validations could not be done in JavaScript
hence the need for a binary addon. In most cases you will already be
validating the input that you receive for security purposes leading to double
validation. But if you want to be 100% spec-conforming and have fast
validation of UTF-8 then this module is a must.var WebSocket = require('ws');
var ws = new WebSocket('ws://www.host.com/path');
ws.on('open', function open() {
ws.send('something');
});
ws.on('message', function(data, flags) {
// flags.binary will be set if a binary data is received.
// flags.masked will be set if the data was masked.
});
var WebSocket = require('ws');
var ws = new WebSocket('ws://www.host.com/path');
ws.on('open', function open() {
var array = new Float32Array(5);
for (var i = 0; i < array.length; ++i) {
array[i] = i / 2;
}
ws.send(array, { binary: true, mask: true });
});
Setting mask
, as done for the send options above, will cause the data to be
masked according to the WebSocket protocol. The same option applies for text
data.
var WebSocketServer = require('ws').Server
, wss = new WebSocketServer({ port: 8080 });
wss.on('connection', function connection(ws) {
ws.on('message', function incoming(message) {
console.log('received: %s', message);
});
ws.send('something');
});
var server = require('http').createServer()
, url = require('url')
, WebSocketServer = require('ws').Server
, wss = new WebSocketServer({ server: server })
, express = require('express')
, app = express()
, port = 4080;
app.use(function (req, res) {
res.send({ msg: "hello" });
});
wss.on('connection', function connection(ws) {
var location = url.parse(ws.upgradeReq.url, true);
// you might use location.query.access_token to authenticate or share sessions
// or ws.upgradeReq.headers.cookie (see http://stackoverflow.com/a/16395220/151312)
ws.on('message', function incoming(message) {
console.log('received: %s', message);
});
ws.send('something');
});
server.on('request', app);
server.listen(port, function () { console.log('Listening on ' + server.address().port) });
var WebSocketServer = require('ws').Server
, wss = new WebSocketServer({ port: 8080 });
wss.broadcast = function broadcast(data) {
wss.clients.forEach(function each(client) {
client.send(data);
});
};
// If the WebSocket is closed before the following send is attempted
ws.send('something');
// Errors (both immediate and async write errors) can be detected in an optional
// callback. The callback is also the only way of being notified that data has
// actually been sent.
ws.send('something', function ack(error) {
// if error is not defined, the send has been completed,
// otherwise the error object will indicate what failed.
});
// Immediate errors can also be handled with try/catch-blocks, but **note** that
// since sends are inherently asynchronous, socket write failures will *not* be
// captured when this technique is used.
try { ws.send('something'); }
catch (e) { /* handle error */ }
var WebSocket = require('ws');
var ws = new WebSocket('ws://echo.websocket.org/', {
protocolVersion: 8,
origin: 'http://websocket.org'
});
ws.on('open', function open() {
console.log('connected');
ws.send(Date.now().toString(), {mask: true});
});
ws.on('close', function close() {
console.log('disconnected');
});
ws.on('message', function message(data, flags) {
console.log('Roundtrip time: ' + (Date.now() - parseInt(data)) + 'ms', flags);
setTimeout(function timeout() {
ws.send(Date.now().toString(), {mask: true});
}, 500);
});
For a full example with a browser client communicating with a ws server, see the examples folder.
Note that the usage together with Express 3.0 is quite different from Express 2.x. The difference is expressed in the two different serverstats-examples.
Otherwise, see the test cases.
make test
See /doc/ws.md
for Node.js-like docs for the ws classes.
We're using the GitHub releases
for changelog entries.
(The MIT License)
Copyright (c) 2011 Einar Otto Stangvik <einaros@gmail.com>
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Simple to use, blazing fast and thoroughly tested websocket client and server for Node.js
We found that ws demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.