Draft
This page is not complete.
The Sec-WebSocket-Accept header is used in the websocket opening handshake. It would appear in the response headers. That is, this is header is sent from server to client to inform that server is willing to initiate a websocket connection.
Header type | Response header |
---|---|
Forbidden header name | no |
Syntax
Sec-WebSocket-Accept: <hashed key>
Directives
- <hashed key>
-
The server takes the value of the Sec-WebSocket-Key sent in the handshake request, appends
258EAFA5-E914-47DA-95CA-C5AB0DC85B11
, takes SHA-1 of the new value, and is then base64 encoded.
Examples
Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
Specification
Specification | Title |
---|---|
RFC 6455, section 11.3.3: Sec-WebSocket-Accept | The WebSocket Protocol |
See also
Browser compatibility
The compatibility table on this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.
No compatibility data found. Please contribute data for "http.headers.Sec-WebSocket-Accept" (depth: 1) to the MDN compatibility data repository.