WebSocket is a communication protocol that supports bidirectional communication over a single TCP connection. An Encrypted WebSocket connection is essentially a secure WebSocket that is established using SSL/TLS.
In the way that HTTPS is preferable to HTTP, using an Encrypted WebSocket is preferable to using a plain WebSocket. The threat from many different types of WebSocket attacks is negated when the connection is secured because intermediaries, including any potential man-in-the-middle threat actors, do not have access to the data in the traffic.
wss : [// authority] path [? query]
The wss scheme is not only more secure but more reliable because that some proxy servers do not recognize the WebSocket-specific scheme. Consequently, an intermediate may drop the request or terminate the connection. However, because wss is encrypted using SSL/TLS, there is no visibility as it passes through intermediaries, and because they can’t read the data, it is passed through without further inspection.
const connection = new WebSocket(‘wss://files.example.re/’);
Encrypted WebSocket connections are a secure version of the standard WebSocket functionality. They offer a mechanism for secure bidirectional communication over a single TCP connection that is established on infrastructure that supports HTTP and HTTPS.