Common attacks
Currently, what you need to know is that the protocol is designed to be as secure as possible. Be careful though! WebSocket is a brand-new protocol and not all web browsers implement it correctly. For example, some of them still allow the mix of HTTP and WS, although the specification implies the opposite. Everything is subject to change, and while waiting for the browsers to mature, you can easily adopt some protection techniques yourself.
So, the old-school problems are not solved. Remember those bad people who sniffed the HTTP and intercepted into the web traffic? Well, the WS can be sniffed the same way.
Here are some common security attacks you need to be aware of, and consequently, some ways you can protect your app and your users.
Denial of Service
Denial of Service (DoS) attacks attempt to make a machine or network resource unavailable to the users that request it. Imagine that someone makes an infinite number of requests to a web server with no or tiny time intervals...