WebSockets

0%
Theory
Quiz

    Fundamentals & Benefits

    • What is WebSocket and how does it fundamentally differ from traditional HTTP communication?

      Junior
    • What are some canonical use cases where WebSockets are the ideal choice?

      Junior
    • Explain full-duplex communication in the context of WebSockets.

      Junior
    • Why would you choose to use WebSockets in an application, and what problems do they solve that traditional HTTP methods cannot?

      Junior
    • Explain the concept of a persistent connection in WebSockets and why it's beneficial.

      Junior
    • Can you explain the concept of full-duplex, persistent, and bidirectional communication in WebSockets?

      Junior
    • What are the advantages of using WebSockets over traditional HTTP communication?

      Junior
    • What are some common use cases for WebSockets, and when would you choose not to use them?

      Junior
    • What are the main advantages and disadvantages of using WebSockets?

      Junior
    • What are some limitations or drawbacks of using WebSockets?

      Mid
    • What is the significance of a persistent, single TCP connection in WebSockets compared to repeated HTTP requests?

      Mid
    • How do WebSockets achieve low latency and reduced overhead compared to traditional HTTP request/response cycles?

      Mid

    Comparison With Other Protocols

    • Explain the key differences between WebSockets and HTTP polling.

      Junior
    • Compare and contrast WebSockets with short polling, long polling, and Server-Sent Events, and explain when you would choose each and their respective trade-offs.

      Mid
    • Compare and contrast WebSockets with Server-Sent Events (SSE). When would you choose one over the other?

      Mid
    • For a scenario requiring unidirectional server-to-client updates versus bidirectional client-server communication, which real-time technique (WebSockets, SSE, Long Polling) would you choose for each and why?

      Mid
    • What is the difference between WebSockets and webhooks?

      Mid
    • What are the advantages of Server-Sent Events over WebSockets for unidirectional server-to-client communication, particularly regarding built-in features like automatic reconnection?

      Mid
    • How does the message overhead of WebSockets compare to traditional HTTP for real-time communication?

      Mid
    • How does WebSocket compare to WebRTC, and when would you choose one over the other?

      Mid
    • Compare WebSockets with gRPC, highlighting their key differences and use cases.

      Senior
    • How does the bandwidth efficiency of WebSockets, SSE, and long-polling compare for constant updates?

      Senior
    • When might HTTP/2 server push or streaming be a better alternative or complement to WebSockets?

      Senior
    • What is the WebTransport API, and how does it compare to WebSockets, especially concerning head-of-line blocking and reliable/unreliable data delivery over HTTP/3?

      Senior

    Handshake & Connection Upgrade

    • How does the WebSocket handshake work, including the role of Connection: Upgrade, Upgrade: websocket, Sec-WebSocket-Key, and Sec-WebSocket-Accept?

      Mid
    • Explain the purpose of the Sec-WebSocket-Protocol header and how subprotocols are negotiated.

      Mid
    • What is the purpose of the Sec-WebSocket-Key and Sec-WebSocket-Accept headers in the handshake?

      Mid
    • Why do WebSockets reuse HTTP ports (80/443) for their initial handshake, and how does the connection transition off HTTP?

      Mid
    • How do servers handle WebSocket connection upgrades?

      Mid
    • Can custom HTTP headers be sent during the WebSocket handshake from a browser client? If not, why, and what are alternative ways to pass initial authentication or metadata?

      Senior
    • How do Sec-WebSocket-Extensions (e.g., permessage-deflate) get negotiated during the handshake?

      Senior
    • Describe the server's response during the handshake, specifically the 101 Switching Protocols status and the Sec-WebSocket-Accept header, and how the Sec-WebSocket-Accept value is computed using the magic GUID.

      Senior
    • How do the Sec-WebSocket-Key and the magic GUID prevent proxy cache attacks?

      Senior
    • How does the initial HTTP handshake warm up the TCP connection, and why is this beneficial?

      Senior
    • Can WebSockets run over HTTP/2 or HTTP/3, and what changes about the handshake and multiplexing?

      Senior

    Frames Messages & Data Types

    • What types of data (text vs. binary) can be sent over WebSocket connections, and how are they handled?

      Junior
    • What is the difference between a WebSocket frame and a WebSocket message?

      Junior
    • What are WebSocket message frames and frame types (e.g., text, binary, ping, pong, close)?

      Mid
    • Why must client-to-server WebSocket frames be masked while server-to-client frames typically are not, and what security reason is behind this asymmetry?

      Senior
    • Explain the WebSocket frame format, including key components like FIN bit, opcode, MASK bit, and payload length.

      Senior
    • How is message fragmentation handled in WebSockets?

      Senior
    • How is the payload length encoded in a WebSocket frame, and how does it support very large payloads?

      Senior

    Client Api

    • Can you describe the standard WebSocket API provided by browsers, including the WebSocket object, ws:// vs wss://, readyState, the onopen/onmessage/onclose/onerror events, send(), close(), and binaryType?

      Junior
    • Explain the different event handlers available on the WebSocket object (e.g., onopen, onmessage, onclose, onerror).

      Junior
    • What are the readyState values for a WebSocket connection?

      Junior
    • How do you handle errors in a WebSocket connection in the client?

      Junior
    • How do you send and receive text versus binary data such as ArrayBuffer or Blob using the client-side WebSocket API?

      Mid
    • What is the binaryType property in the WebSocket API and how is it used?

      Mid
    • What is the bufferedAmount property in the WebSocket API and how is it useful for handling slow consumers?

      Mid

    Connection Lifecycle & Reliability

    • How would you detect and handle WebSocket connection loss, and what are common reconnection strategies like exponential backoff with jitter?

      Mid
    • Explain the role of ping/pong control frames in WebSockets for heartbeats and detecting dead or half-open connections.

      Mid
    • What are common WebSocket close codes (e.g., 1000, 1001, 1006, 1011) and what do they signify?

      Mid
    • How does the WebSocket protocol ensure ordered delivery of messages over a single TCP connection?

      Mid
    • What are some best practices for handling WebSocket connections?

      Mid
    • How does the graceful close handshake work, with both sides exchanging close frames?

      Mid
    • How do idle timeouts affect long-lived WebSocket connections, and how do you keep connections alive through them?

      Mid
    • How is flow control and backpressure managed in WebSocket communication to prevent slow consumers from overwhelming the server?

      Senior
    • How do you detect and handle dead or half-open WebSocket connections?

      Senior
    • Can you discuss different message delivery guarantees (at-most-once, at-least-once, exactly-once) in the context of WebSocket-based real-time systems?

      Senior
    • How can you ensure message ordering and delivery guarantees over a WebSocket connection, given its underlying TCP nature?

      Senior
    • How do you handle missed messages or state synchronization after a WebSocket client reconnects?

      Senior
    • How would you handle reconnection, connectivity loss, and message reliability in a WebSocket application?

      Senior
    • How does head-of-line blocking on the underlying TCP connection affect WebSocket message delivery?

      Senior

    Security

    • Why is using wss:// (WebSockets over TLS) crucial for production WebSocket applications?

      Junior
    • What is the role of the Origin header in WebSocket security?

      Mid
    • Why is it important to validate and sanitize incoming WebSocket frames, and what risks arise from trusting client-sent data?

      Mid
    • Why would you enforce a maximum message or frame size on a WebSocket server, and how does it relate to resource exhaustion?

      Mid
    • What are the security considerations when using WebSockets, particularly regarding wss:// (TLS) and the importance of Origin validation to prevent Cross-Site WebSocket Hijacking (CSWSH)?

      Senior
    • Explain authentication patterns for WebSockets given the limitations of sending standard Authorization headers during the handshake, and what are the caveats of cookie-based authentication such as CSRF?

      Senior
    • How do you ensure secure transmission and storage for real-time messaging over WebSockets to reduce unauthorized access and data breaches?

      Senior
    • What are potential DoS and resource-exhaustion risks with WebSockets, and how can they be mitigated with rate limiting and connection limits?

      Senior
    • How do you handle authentication token expiry and re-authentication over a long-lived WebSocket connection?

      Senior

    Scaling & Load Balancing

    • How would you scale a WebSocket application to handle millions of concurrent connections, discussing horizontal scaling, load balancing, sticky sessions, and dedicated real-time tiers?

      Senior
    • How can a pub/sub backplane like Redis pub/sub or a message bus be used to fan out WebSocket messages across horizontally scaled socket servers?

      Senior
    • Explain why WebSockets are considered stateful and long-lived, and what implications this has for server architecture and horizontal scaling.

      Senior
    • How does load balancing work specifically for WebSocket traffic, including L4 vs L7 considerations and connection draining?

      Senior
    • What resource management considerations are important for WebSocket servers with a large number of concurrent connections, such as file descriptors, memory, and CPU?

      Senior
    • What are sticky sessions, and what are their implications and alternatives when load balancing WebSocket traffic?

      Senior
    • How do proxies and firewalls specifically affect WebSocket connections, and how can these issues be mitigated?

      Senior
    • What are the challenges of using WebSockets in serverless environments due to their stateful nature?

      Senior
    • Why does scaling WebSockets require a different approach compared to scaling HTTP traffic?

      Senior
    • Can you explain the concept of WebSocket tunneling and when it might be used?

      Senior
    • How would you implement presence (tracking which users are online) in a distributed WebSocket system?

      Senior

    Libraries Abstractions & Tooling

    • What tools and techniques would you use to debug WebSocket traffic (e.g., browser devtools frames view, wscat)?

      Junior
    • How do rooms, channels, or topics function as fan-out abstractions in WebSocket-based systems?

      Mid
    • What conceptual features do libraries like Socket.IO provide over plain WebSockets, such as automatic reconnection and heartbeat mechanisms?

      Mid
    • Why does Socket.IO fall back to HTTP long-polling if a WebSocket connection cannot be established?

      Mid
    • Explain the conceptual differences and trade-offs between binary and text/JSON payloads in WebSockets, and the role of serialization formats like JSON, Protobuf, and MessagePack.

      Mid
    • What is the role of compression such as the permessage-deflate extension in WebSockets, and what are its trade-offs?

      Senior
    • What is the benefit of batching multiple messages together over a WebSocket, and what are the trade-offs?

      Senior
    • How would you monitor and gain observability into WebSocket connections in production?

      Senior