8. Security Considerations

[RFC6455] ensures that non-WebSockets clients, especially XMLHttpRequest-based clients, cannot make a WebSocket connection.

The security considerations of [RFC6455], Section 10 continue to apply to the use of the WebSocket Protocol when using this specification, with the exception of 10.8.