What is socket hijacking?

Question

I'm reading a great post on Rails 5 actioncable introduction. There it says: "Action Cable uses the Rack socket hijacking API to take over control of connections from the application server. ". What does the "socket hijacking" mean?

Answer 1

Socket Hijacking was implemented with rack 1.5.0 - a modular Ruby webserver interface.

Rack 1.5.0 basically provides a simple and adaptable interface for developing apps in rails. It does this by wrapping HTTP requests and their responses in a simply way. It also combines the API's for web servers, web frameworks, and middleware into a single method call.

So, in rack 1.5.0 socket hijacking is used to allow rails apps to overtake the client socket and perform other operations on it. These operations include:

• Implementing WebSockets
• Streaming data
• Other interactivity between user's browser and server

---

WebSockets allows the user to send messages to a server and receive event driven responses without having to poll the server for a reply.

This is shown in this diagram - as you can see, once the WebSocket connection is opened, messages can be sent and received between the user and server.

---

Anyway, in the Rack Socket Hijacking API that you specified, it essentially provides two modes:

• Full hijacking API

  • This gives the app complete control over what goes over the socket. The app server doesn’t send anything over the socket, and lets the app take care of it.

• Partial hijacking API

  • This gives the app control over the socket after the app server has already sent out headers. This mode is basically used for streaming.

So - In the end, socket hijacking basically allows ruby/rails apps to override/overtake a client socket and carry out different functions on it, or as you wrote - take control of connections from the application server.