WebSocket Authentication Handshake Language Collocations
Practise the standard verbs for securing the WebSocket authentication handshake.
0 / 5 completed
1 / 5
Fill in: 'We ___ the auth token during the HTTP upgrade request so an unauthenticated client is rejected before a socket ever opens.'
We 'validate a token' — the standard, established WebSocket collocation for verifying credentials at the handshake stage. The other options aren't the recognised term here.
2 / 5
Fill in: 'Accepting the upgrade first and checking auth only after the socket opens can ___ an unauthenticated client briefly connected regardless.'
We say deferred checking will 'leave' a client briefly connected without auth — the standard, natural collocation here. The other options aren't idiomatic here.
3 / 5
Fill in: 'We ___ the connection immediately with a 401 status when the handshake's auth header is missing or invalid.'
We 'reject a connection' — the standard, simple collocation for refusing an unauthorized upgrade request. The other options are less idiomatic here.
4 / 5
Fill in: 'We ___ a short-lived token specifically for the handshake instead of reusing a long-lived credential in the URL query string.'
We 'generate a token' — the standard, established collocation for creating a scoped credential for a single purpose. The other options aren't the recognised term here.
5 / 5
Fill in: 'We ___ failed handshake attempts in the access log so a spike in rejected connections is visible before it's mistaken for a client bug.'
We 'log' an attempt — the standard, simple collocation for recording an event for later inspection. The other options are less idiomatic here.