@techreport{damjanovic-websockets-nomasking-02, number = {draft-damjanovic-websockets-nomasking-02}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-damjanovic-websockets-nomasking/02/}, author = {Dragana Damjanovic}, title = {{WebSocket Extension to disable masking}}, pagetotal = 4, year = 2024, month = feb, day = 27, abstract = {The WebSocket protocol specifies that all frames sent from the client to the server must be masked. This was introduced as a protection against a possible attack on the infrastructure. With careful consideration, the masking could be omitted when intermediaries do not have access to the unencrypted traffic. This specification introduces a WebSocket extension that disables the mandatory masking of frames sent from the client to the server. The extension is allowed only if the client uses an encrypted connection.}, }