One subject that is often mentioned in talks about WebSockets security, is how WebSockets does not implement authentication/authorization in the protocol. This might not be as familiar because when the original research was done, there were not many applications using WebSockets. I wanted to demonstrate what this pattern looks