This is definitely a cool hack, but please be mindful of the security considerations of deploying something like this on the internet. Running an open proxy that allows any client to perform arbitrary TCP connections bouncing through your servers is a bad idea.
First, you need to worry about the security implications of each internal server that you expose intentionally. Just how much damage can someone with direct access to your Redis instance cause? Better read http://redis.io/topics/security, and repeat this for every other service you want to expose.
Second, you are going to effectively need a whitelist of allowed connections, either in the proxy, or at the firewall level (which most people are going to forget to configure, if they even know how). Without that you are going to allow arbitrary bypass of your firewall for internal services, as well as effectively running an open proxy for anyone looking to bounce their malicious traffic through your server.
it's not about pure tcp, as i get it - it allows you communicate from browser directly (via webtcp server as a bridge) with any servers such as redis, mongodb, rabbitmq and so on.
WebBrowser --- data ---> WebTCP bridge (translate data to servers) --- data ---> redis/rabbitmq/any_tcp(and i think udp also possible?)_server_even_smtp
I think this is a great idea. From the moment I heard of WebSockets I was disappointed it was only a thing between the sockets-capable-web-server and the client and not a real TCP connection to wherever you want. This solves stuff :) However, I think that you should keep an eye on the possible security implications (ex. fooling the same origin policy, using your websockets proxy as a hub to attack other systems on the internet, ...)
Isn't the major benefit of WebSockets that is actually has a fair chance to pass through all the crazy proxies and gateways installed in every office, home and coffe shop, that would otherwise filter any non-HTTP traffic?
This is just what I need to complete the in-browser app I'm building to navigate and read these new hypertext pages I'm creating. I've developed a markup language that will let you reference any of these documents from any other. The app that lets you view them is going to work in any browser that supports WebTCP, too, for the ultimate in cross-platform compatibility!
Nice hack (although I would put this in the category of 'workaround'). The idea is cool, but I can already imagine all sorts of debugging nightmares with this approach. To begin with, how do we find out where the connection is broken (Is it the client socket or the proxy socket)? Bad connections have different reasons (in C terms: ECONNRESET, EWOULDBLOCK, ENETUNREACH, etc); are these specific reasons propagated verbatim? What about flow control between proxy and client?
There is always a chasm between whipping up a cool hack and making something usable. This hack needs a long bridge in between.
This is an awesome hack. We really need real TCP connections from the browser. Until then this looks like a great workaround. I eagerly await the day we can use the browser for everything we do (did?) with Desktop apps.
[+] [-] cstejerean|13 years ago|reply
First, you need to worry about the security implications of each internal server that you expose intentionally. Just how much damage can someone with direct access to your Redis instance cause? Better read http://redis.io/topics/security, and repeat this for every other service you want to expose.
Second, you are going to effectively need a whitelist of allowed connections, either in the proxy, or at the firewall level (which most people are going to forget to configure, if they even know how). Without that you are going to allow arbitrary bypass of your firewall for internal services, as well as effectively running an open proxy for anyone looking to bounce their malicious traffic through your server.
[+] [-] aidenn0|13 years ago|reply
[+] [-] chewxy|13 years ago|reply
If you want a client-side app that uses TCP, why must you do it over the web? The appeal of write-once-run-everywhere?
[+] [-] sneak|13 years ago|reply
It's not entirely bogus, just mostly so. I really dislike this whole "the internet == the web" way of thinking, though.
[+] [-] icebraining|13 years ago|reply
So it's really more like a NAT bridge.
[+] [-] khakimov|13 years ago|reply
WebBrowser --- data ---> WebTCP bridge (translate data to servers) --- data ---> redis/rabbitmq/any_tcp(and i think udp also possible?)_server_even_smtp
[+] [-] yankoff|13 years ago|reply
[+] [-] flux_w42|13 years ago|reply
[+] [-] 0x0|13 years ago|reply
[+] [-] dwj|13 years ago|reply
[+] [-] lttlrck|13 years ago|reply
[+] [-] drblast|13 years ago|reply
[+] [-] seats|13 years ago|reply
http://en.wikipedia.org/wiki/Cross-origin_resource_sharing
[+] [-] eungyu|13 years ago|reply
There is always a chasm between whipping up a cool hack and making something usable. This hack needs a long bridge in between.
[+] [-] y0ghur7_xxx|13 years ago|reply
[+] [-] angersock|13 years ago|reply
[+] [-] smagch|13 years ago|reply
http://news.ycombinator.com/item?id=4366555 http://browserver.org/
[+] [-] saljam|13 years ago|reply