When connecting through Websocket protocol from a browser, accessing the HTTP handshake is forbidden.
Is everything goes well, the server answer HTTP 101 Upgrade and the handshake is done.
If the server does not accept the Websocket incoming request, it can answer with an HTTP 401 Unauthorized response for example if authorization is missing (Source RFC 6455. In this case, JS script can not access this information and are doomed ! The only event exposed is Websocket Error Code 1006, abnormal closure by browser, which is not helpful at all.
According to the W3.org (source, stack post), this is for security reason.
I fail to see the benefit of this restriction. Accessing this HTTP Status code can be done easily with any client libraries instead of Browser Javascript.
Can someone elaborate the reason ?
