Oddbean new post about | logout
cloud fodder | 1 years ago (raw) | root | parent | reply | flag 
 Ya it's funny I was just searching around for doing header auth on websocket upgrades and it sounds like browsers (JavaScript websocket API) don't support this.. course that's just stackoverflow I didn't deep dive on it. 😁
brugeman | 1 years ago (raw) | root | parent | reply | flag 
 Oh shit that's true, no websocket headers from browsers :(
It could be a 'secret' included in url but then it will be logged by every damn thing in the middle of you and the relay, not sure if passing long-lived secrets in urls is a good practice.
cloud fodder | 1 years ago (raw) | root | parent | reply | flag 
 Maybe now I get why nip42 is the way it is haha
brugeman | 1 years ago (raw) | root | parent | reply | flag +1 
 Yeah I remember most of this stuff discussed in nip42 PR 😉