What Is WebSocket? Real-Time Communication Explained
WebSocket is a communication protocol that provides a persistent, full-duplex channel over a single TCP connection. Unlike HTTP, where the client must initiate every request, WebSocket keeps the connection open so the server can push data to the client at any time — enabling real-time features like chat, live scores, and collaborative editing.
WebSocket vs HTTP Polling
Traditional HTTP polling has the client send a request every N seconds to check for updates. Short polling wastes bandwidth; long polling holds requests open until an event occurs. WebSocket eliminates this overhead: after an initial HTTP upgrade handshake, a single TCP connection is maintained, and either side can send a message frame at any time with 2–14 bytes of header overhead.
When to Use WebSocket
Use WebSocket for: chat applications, live dashboards and financial tickers, multiplayer games, collaborative document editing, push notifications requiring sub-second latency. For less frequent updates (every few seconds), Server-Sent Events (SSE) is simpler — a one-way push channel over HTTP. For very infrequent updates, HTTP polling or webhooks are sufficient.
WebSocket Security
Always use wss:// (WebSocket Secure over TLS), never plain ws:// in production. Validate the Origin header on the server to prevent cross-site WebSocket hijacking. Authenticate connections using tokens (JWT or session cookies) at the handshake phase. Rate-limit message frames per connection to prevent denial-of-service attacks.