I realized that a socket is, roughly speaking, a socket-interface (as the parameters of the computer's IP and port), which the program creates, through which another computer can connect to it by registering the same address and port. And then websockets loomed. What is the difference between them?
Socket is truly a programming interface . This is an abstract concept that, in most cases, is used to communicate programs on a network (but not only).
WebSocket is a protocol (some predetermined order) for exchanging data (such as http, ftp, ssl, etc.). This protocol goes on top of (transmitted over) the TCP protocol.
Socket and WebSocket are different concepts in principle. When working over the WebSocket protocol, you will use regular sockets for the connection. As well as when working with other protocols, sockets will be used (and for working with http, ftp, etc.).
For example, consider a line like – ws: //127.0.0.1: 15000. In it, ws is exactly an indication that the WebSocket protocol will be used for data exchange. 127.0.0.1 is the ip address of the computer, 15000 is the port to which the connection is made. So 127.0.0.1:15000 – this pair, so to speak, is a socket.
The WebSocket protocol was designed to maintain long-term, unbreakable connections between the browser (which is the client) and the website (which is the server).
The WebSocket protocol is not like HTTP. The only thing that it resembles HTTP – only one very first connection request (the so-called handshake / handshake). This was done because the protocol was originally designed to work in a browser and it was necessary to determine the possibility of supporting it. Once the connection is established, there is nothing close to HTTP in the WebSocket protocol.
The WebSocket protocol itself does not guarantee any security for the transmitted data. The minimum encoding that it provides is a banal XOR. In this case, the mask for the xorka is transmitted along with the message. And this cork is intended for transferring data through proxy servers that do not know anything about the WebSocket protocol. This is not protection of your data – this is the protection of a proxy server. And in the opposite direction (from the site to the browser), the data is not encoded with a cork, due to the lack of need.
It is the absence of any bells and whistles in the WebSocket protocol that enables it to work quickly.