Jan Bartel (Intalio) and Daan Van Santeen (Progress FUSE) will be giving a series of live webinars on how Jetty, Cometd and ActiveMQ can be used to provide a reliable messaging platform to the browser.

• What Jetty is and how its CometD Bayeux implementation implements messaging to the browser
• What Apache ActiveMQ is and how its JMS implementation allows for reliable messaging
• What the JMS and Bayeux messaging protocols are and how they complement each other
  How
  these technologies can be combined to create a flexible and reliable
  platform to implement messaging from a back-end system to a browser

The webinar includes a simple demonstration of fault tolerance failover from the browser.

Click to register:

• Monday, February 15, 2010 11:00 am
  Europe Time (Paris, GMT+01:00)
  
• Tuesday, February 16, 2010 12:00 pm
  Pacific Standard Time (San Francisco, GMT-08:00)
  

There is a jurisdictional issue brewing over the future of internet standards – I know because I’m stirring the pot.  The dispute is between the WHATWG and the IETF regarding the specification process for the websocket protocol (which I have some concerns about, but none the less is supported by Jetty).

The IETF is the body that has been responsible for developing and/or standardizing the vast majority of protocols which run the internet: HTTP, FTP, SMTP, etc. It has an open collaborative based process based on working code and rough consensus and is overseen by the Internet Society, a non profit organization with membership open to all.

The WHATWG was formed in response to concerns about the W3C’s evolution of HTML
and has been instrumental in developing the HTML5 standards.  It is essentially a browser vendor consortium that is governed by an invitation only committee and lead by a Google employee.  While it’s process is conducted openly and all are invited to participate,  only the appointed editor has any power in the actual decision making process. The editor is appointed by the browser vendors.

The majority of the WHATWG efforts have been about HTML5, and most welcome the advances they are driving in the browsers. However, the websocket API and protocol have also come out of the HTML5 work and specify a new protocol that will run over ports 80/443, that will start off looking kind of like HTTP, but is expressly not HTTP.

Making the internet work well by producing quality standards is exactly the mission statement of the IETF.  So a new protocol running over port 80 is definitely something that falls within the scope of the the IETF mission.   The WHATWG were invited to submit their protocol as a IETF draft document, which they did and the IETF after due process has formed the hybi working group to ” take on prime responsibility for the specification of the WebSockets protocol”.   This appears to have shocked the WHATWG and they saying that they do not wish to relinquish editorial control of the protocol. It appears they were hoping for a rubber stamp from the IETF.

Meanwhile, Google’s Chrome browser has started shipping with the websocket protocol enabled and it is expected that other browser vendors in the WHATWG consortium will soon follow.  The argument has been made that it’s “already shipping”, so it’s too late to make any significant changes to the protocol.

The problem is that the protocol has been developed by only a fragment of the internet industry, and essentially by a single company within that fragment. There has been no consensus sought or obtained from the wider internet community – ie servers, routers, bridges, proxies, firewalls, caches, load balancers, aggregators, offloaders, ISPs, filters, corporate security policies, traffic monitoring, billing, accounting, shaping, application frameworks etc. etc.   These communities and vendors are waking up to a world where the traffic they expected over port 80/443 aint what it used to be. Their products and services will be broken, bypassed or at best co-opted for unintended usage.  They had no real voice in this change.  Many would not have even realized that the HTML5 effort was going to substantially change the wire protocol.

It is easy to present this state of affairs as a takeover of port 80 by Google so that they can get Wave to work better. That google  expect the rest of the industry to scramble to make the changes necessary to allow websockets to tunnel through the infrastructure unhindered by any concerns other than connectivity to Google.    I know that this characterization of the situation will be taken as personally insulting to the individuals involved, who I’m sure are acting in good faith and not as part of some conspiracy.  However, the power of group-think is significant and individuals are greatly affected by the environment that they operate in.  Conflicts of interest are avoided by not by peoples best intentions, but by not creating processes that are inherently conflicted.

I don’t mean to be too Machiavellian about this, but if the IETF does not assert is roll as the primary internet standards body, then the  outcome will essentially be that a Google led consortium has taken over port 80. Note that Google are also doing some great research on a HTTP replacement protocol called SPDY, which is showing some excellent promise. SPDY might be the way of the future, but do we really want it to arrive by having google simply start shipping it in Chrome?  If we let port 80 be taken by websockets without consensus, then could happen with HTTP as well (mwah ha ha ha)!

The websocket protocol as specified by the WHATWG might indeed be wonderful, but unless we follow due process, we will not really know that it is. The IETF has a truly open
process based on rough consensus in which all are welcome to participate. They have a proven track record and have overseen the standards that have withstood the unprecedented growth in the internet.  The IETF are the natural body to oversee standardization of internet protocols and there is no evidence that this task would be better handled by a closed industry consortium lead by Google.

My suggestion of how to break this impasse, is for the WHATWG to continue to be the editor of the current specification and to push forward with the deployment of 1.0, which essentially ignores intermediaries and proxies anyway.   In parallel, the IETF should continue with their working group to develop the 1.1 specification based on 1.0, but with an all-of-industry rough consensus.

We’ve said it before (Bad Robot!), but after the Android 2.0/Nexus One developments, it really bears repeating: Google either do not understand or do not care about community once their immediate corporate goals have been met.

In the Bad Robot! blog, Greg commented on the disparity between Google’s talk of Android’s openness and their provision of early candidates of the cupcake release only to selected customers with NDAs. Google needed to get Android into the hands of developers to create the rich library of apps that would make Open Handset Alliance’s handsets attractive to customers and compete with the iPhone. Yet, by holding back on the releases, they left a lot of these developers in limbo, not knowing what the future held and being unable to plan how to allocate scarce resources or whether their work would even have to be thrown away. Bear in mind that most mobile developers are small companies or individuals, and so are greatly effected by this kind of treatment. Why screw with the very people you need for your success?

Eventually the cupcake release was made public and everyone picked themselves up, dusted off the software and got on with it. I, for one, was hoping that Google had learnt a lesson from the understandably angry reaction on the android developer lists. However, the launch of the Nexus One handset and Android 2.0 shows that Google have not. In fact, they probably weren’t even paying attention the first time around.

Other commentators have remarked upon the numerous ways in which Google’s release of their own-brand handset screws over their partners in the Open Handset Alliance and others in the industry, but what has been missed from most media commentary is the callous disregard Google have shown (again) for their developer “community” with Android 2.0. The fact is that the 2.0 release was announced on 27th October 2009, but yet it is still not available on the ADP1 development handset, and indeed may never be.

About a year ago developers were encouraged to pay $US500 for the handset in order to try out their apps on a real phone. In conjunction with HTC, the producer of the handset, Android updates for the ADP1 were made available for web download. Yet, despite repeated pleas from the community such as here and here, no release of 2.0 is forthcoming. Indeed, Google has not even had the courtesy to make an official announcement on the future of the ADP1.

So here we developers are again – cold shouldered by the corporate giant and yet expected to provide apps to lure customers to buy their phone. Google’s behaviour is also rather contemptuous of customers – some developers are receiving feedback that their widgets don’t work properly under 2.0, and yet are unable to recreate and fix the problem because there is no access to 2.0 on a dev handset.

So whilst I heartily agree with the rhetoric of Android and the Open Handset Alliance, I like the Android UI, API and linux/java-like platform, and I enjoy developing i-jetty, the realization of the rhetoric falls far, far short of what we should expect of a company like Google. Or …. is it exactly what we should expect of a company like Google?

This judge awards you nul points, Google.

Jetty-7.0.1 has been extended with a WebSocket server implementation based on the same scalable asynchronous IO infrastructure of Jetty and integrated into the Jetty Servlet container.
WebSocket came out of work on HTML5 by the  What Working Group to specify a mechanism to allow two way communications to a browsers.  It is currently being standardized at the W3C for the WebSocket API and by the IETF for the WebSocket protocol and is soon to be supported by releases of Firefox, and Chromium. While I have significant concerns about the websockets protocol, it is important that server concerns are considered in the standardization process. Thus to follow the IETF model of “rough consensus and working code”, it is important that Jetty has a working implementation of the protocol.
The key feature of the Jetty Websocket implementation is that it is not another separate server.  Instead it is fully integrated into the Jetty HTTP server and servlet container. so a Servlet or Handler can process and accept a request to upgrade a HTTP connection to a WebSocket connection.    Applications components created by standard web applications can then send and receive datagrams over the WebSocket with non blocking sends and receives.
Below is an example of a SIMPLE “Chat” application written using the Jetty WebSocketServlet, which can handle normal doGet style requests, but will call doWebSocketConnect if an upgrade request is received:

The client side of this chatroom is implemented by this script, whose key sections include:

This example is included in the test webapp shipped with Jetty-7.0.1,  and has been tested with the websocket client in dev releases of Google Chromium 4.0.
The intention for the jetty-websocket server is to be the focus of trial and experimentation with the protocol, it’s implementation and framesworks like cometd that might use it. All should be considered Alpha and highly likely that they will change with feedback received. Hopefully using the protocol with real servers, clients and applications will result in the experience required to feedback to the IETF requirements that will drive the improvement of the protocol.
One example of an area that needs to be improved is the discovery and/or negotiation of idle timeouts for the WebSocket connections.   Currently the jetty-server is inheriting the idle timeout of the HTTP connection, which is 30s by default.  This means that the demo chat application drops it’s connection after 30 seconds of no conversation.  This is not exactly what you want in a chat room, but because there is no way to discover or configure the idle timeouts of other parties to a websocket connection (including proxies), then the application has no choice but to handle the idle close event itself.

When I was given the opportunity to come work at Webtide several months ago, I knew right away this was definitely a chance of a lifetime. It is absolutely amazing to be able to work with Jetty founders Greg and Jan, as well as with all the other members of Jetty team.

I have been developing web applications for almost all of the major application servers in the past, and always been interested in developing the software at the core of the development stack, as well as in open source development. But until now I have not been able to find an open source project where my skills and experience were needed.
Jetty@Eclipse and Jetty@Codehaus projects are the perfect match for all my current goals as a software developer, with the robust HTTP server and JSP/Servlet application server components, as well as the asynchronous HTTP Client module that I have been already working with extensively while developing a solution for one of Webtide’s clients.

Webtide had recently been acquired by Intalio, and there seems to be even more opportunities for Jetty to grow and prosper. There are infinite possibilities here for me to grow professionally, learn cool new technologies, and work with great and talented people. It’s been a very busy time getting to know my way around Jetty’s code, and I am totally looking forward to learning it all, doing a lot of new development, as well as maintenance work, and having some fun while at it!

Background

The W3C has developed the Websocket API proposal for HTML5, that enables web pages to perform two-way communication with a remote host. There is also a proposed  IETF draft websocket protocol to transport the websocket messages.
 
I believe that there are significant deficiencies in the proposed websocket protocol and this paper looks at how they can be rectified.

Specification Style

ws0-frame           = sentinel-frame 
                    / length-frame

sentinel-frame      = %x00-7F      ; frame type
                      *( %x00-FE ) ; utf-8 data
                      %xFF         ; the sentinel

length-frame        = %x80-FF      ; frame type
                      frame-length 
                      octet-data   ; binary data

frame-length        = unlimited-integer

unlimited-integer   = *( %x80-FF ) %x00-7F 
                    ; concatenate 7 low order bits from each octet
                    ; to form a binary integer

octet-data          = *( %x00-FF )
                    ; the number of octets is exactly the length determined
                    ; by the frame-length

 
This is a precise specification and requires only an interpretation of the frame length field to provide an implementation independent definition of websocket data framing.

Simplified Framing

Now that we can clearly see and understand websocket data framing, we can see that it really has two types of data framing: one for UTF-8 content and one for binary content. As the binary framing is perfectly able to carry the utf-8 data, then the protocol can be greatly simplified by removing the sentinel framing as follows:

ws1-frame           = frame-length
frame-type
octet-data

frame-type          = 0x00    ; utf8 frame
/ 0x01-FF ; undefined binary frame
frame-length        = unlimited-integer
unlimited-integer   = *( %x80-FF ) %x00-7F
; concatenate 7 low order bits from each octet
; to form a binary integer
octet-data          = *( %x00-FF )
; the number of octets is exactly the length determined
; by the frame-length

Learn from HTTP

It is always wise to consider the past when looking to the future. HTTP/1.1 introduced pipelining as a mechanism to reduce the latency and improve the throughput when using a TCP/IP connection. The mechanism allows multiple HTTP messages to be sent on a connection, without waiting for any response or state change resulting from one message to the next.  Unfortunately HTTP pipelines have several short comings that have prevented their widespread adoption and more unfortunately the websocket protocol proposal has made similar mistakes:
3>Orderly Close

ws2-frame          = frame-length
frame-type
octet-data
frame-type         = 0x00 ; utf8 frame
/ 0x01    ; control frame
/ 0x02-FF ; undefined binary frame
frame-length       = unlimited-integer
unlimited-integer  = *( %x80-FF ) %x00-7F
; concatenate 7 low order bits from each octet
; to form a binary integer
octet-data         = *( %x00-FF )
; the number of octets is exactly the length
; determined by the frame-length

Message Fragmentation

Another issue with HTTP/1.1 pipelining is that the time taken to transmit/receive/process one message in the pipeline can unreasonably delay the handling of subsequent messages.  While websocket is not hampered in this regard by request response semantics, it still suffers from the issue that the sending of a large websocket message may unreasonably delay the transmission of other messages. 
A common protocol technique to deal with this issue is to implement message fragmentation, where a single message is transmitted in several frames and the frames of unrelated messages can be interleaved on a single connection. Either a message ID or a channel (== virtual connection) ID is needed to determine which fragments are part of the same message.   The following improvement adds fragmentation and a channel ID to websocket:

ws3-message       = 1*(ws3-frame)
ws3-frame         = frame-length
message-length
channel-id
frame-type
octet-data
frame-type        = 0x00    ; control frame
/ 0x01    ; utf8 frame
/ 0x02-FF ; undefined binary frame
frame-length      = 0x00              ; last frame of message
/ unlimited-integer ; frame-length
message-length    = 0x00              ; unknown message length
/ unlimited-integer ; known message length
channel-id        = unlimited-integer
unlimited-integer = *( %x80-FF ) %x00-7F
; concatenate 7 low order bits from each octet
&nb
sp;              ; to form a binary integer
octet-data        = *( %x00-FF )
; the number of octets is exactly the length determined
; by the frame-length

A message is terminated when all octets have been sent for a known message length, or when a zero length frame is sent for an unknown message length. Related messages are sent on the same channel id and are strictly ordered. The creation and orderly close of channel-ids can be coordinated by control frames sent on the channel. The implementations of the protocol end points will be responsible for fragmenting and interleaving messages. A simple endpoint may choose not to fragment messages sent, but should be capable of assembling fragmented messages received.

Multiplexing

It is frequently desirable to aggregate (aka multiplexing) message streams from multiple clients and/or components into a single stream of messages, so that resources can be shared and/or load from a single source policed as a single entity.  Luckily the machinery needed for multiplexing over a transport protocol is exactly the machinery needed from message fragmentation and channels.   Thus the improvements already proposed can accommodate multiplexing.

Flexibility and Extensibility

 
These additional content encodings could be handled by allocating additional frame-type octets. However, such an approach would need coordination by a standards body for every new type and could rapidly consume the available octet space when the product of content encodings, transport encoding, character sets and/or content types is calculated. 
Luckily there already exists a standard extensible system for describing content encodings, transport encoding, character sets and/or content types. The IETF standards for  Mime Type are widely used by web protocols and have good mappings to existing software components that can encode, decode, compress, decompress, validate, sign and/or display an unlimited and growing family of media types.
Mime types and associated encodings are typically represented by 1 or more name value pairs of ISO-8859-1 strings (aka meta data). It would possible to extend websocket by replacing the fixed octect mapping of content encoding with a per message set of mime-type name value pairs.  However, to do so would be to repeat another mistake of HTTP, namely to have verbose highly redundant meta-data transmitted with every message.
A more efficient and equally flexible solution is to associate meta-data fields such as mime type with a channel rather than with a message, so that the meta data need only be sent once and will apply to all subsequent messages in a channel, or until it is replaced by updated meta data:

ws5-message        = 1* (ws5-frame)
ws5-frame          = frame-length
message-length
channel-id
frame-type
octet-data
frame-type         = 0x00    ; control frame
/ 0x01    ; meta-data name+value headers
/ 0x02    ; data frame
/ 0x03-FF ; undefined frame
frame-length       = 0x00              ; last frame of message
/ unlimited-integer ; frame-length
message-length     = 0x00              ; unknown message length
/ unlimited-integer ; known message length
channel-id         = unlimited-integer
unlimited-integer  = *( %x80-FF ) %x00-7F
; concatenate 7 low order bits from each octet
; to form a binary integer
octet-data         = *( %x00-FF )
; the number of octets is exactly the length
; determined by the frame-length

An application using this transport would be free to send as little or as much meta data as appropriate.  If the content types and encodings can be assumed or known in advance, then only control and data frames need be sent.

Other Websocket improvements

Semantic Specification

Another poor aspect of the websocket protocol proposal is its usage of strict ordering and binary equivalence rather than semantic equivalence when handshaking to establish a websocket connection.  The specification expects implementations to send/receive exact sequences of bytes, for example:

5. Send the following bytes to the remote side (the server):
47 45 54 20
Send the /resource name/ value, encoded as US-ASCII.
Send the following bytes:
20 48 54 54 50 2F 31 2E  31 0D 0A 55 70 67 72 61
64 65 3A 20 57 65 62 53  6F 63 6B 65 74 0D 0A 43
6F 6E 6E 65 63 74 69 6F  6E 3A 20 55 70 67 72 61
64 65 0D 0A

GET /resource name/ HTTP/1.1 CRLF
Upgrade: WebSocket CRLF
Connection: Upgrade CRLF

A semantically equivalent HTTP request could have the headers order differently, an absolute URL for the resource additional headers for authentication, load balancing and/or cookies. There is no reason to reject semantically equivalent messages because a HTTP request that happens to have the correct semantics is correct.  The insistence of strict binary ordering and equivalence will break many proxies, load balancers and server implementations that are used to more flexible interpretations of network specifications.

HTTP transport

This paper has highlighted several existing issues with HTTP/1.1, such as pipeline limitations and verbose redundant headers. The improved websocket protocol addresses the main limitations of HTTP while providing equivalent or superior capabilities to carry both the data and meta data needed for HTTP.  It is entirely possible that with some additional minor improvements that improved websocket (or similar) could transport HTTP messages and become the basis of HTTP/2.0
 

BWTP IETF draft

In his Homesteading in the Noosphere essay, Eric S. Raymond likened the creation of open source projects to homesteading on a frontier, via a process of  “mixing one’s labor
with the unowned land, fencing it, and defending one’s title”,  in contrast to the lawful transfer of title that occurs in settled areas.  While the lands of the web servers still border a few wildernesses (eg asynchronous), the surrounding urban sprawl and industrialization reveals that the frontier days are mostly gone with the wild west. So the Webtide team could have continued on in our homesteading ways, kind of like a retro Wild Bill Cody show, or we could grasp our future and settle down to some serious urban planning.   With the acquisition of Webtide by Intalio, we’re all urbanites now.

To take a metaphor way way too far,  my utopian ideal of the natural evolution of a landscape formed by homesteading, would be that of the Roman villa. Each homestead would grow to a villa that would attract the labour it needs to work the existing resources, but that would remain essentially rural and moderately independent, operating under the law and order created by a centralized government (apache, eclipse, etc.).  These villas would form the basis of an extensive yet flexible supply chain, so that enterprises could purchase produce from a variety of villas. An enterprise might use produce from the Villas of Spring, Webtide, Hybernate, and Sonatype to produce a product, while another may use Webtide, Tapestry and Atomikos
But that utopia was not to be (as all utopias are fated to be dystopias if actually enacted). Instead, some homesteads looked towards the smoking industrial cities on the horizon and saw the productivity that could result from aggregation, mass production and industrialization.  Instead of being the base of the supply chains, these homesteads became factories producing complete pre-fab homesteads for new settlers – the open source application server was born! These one-size-fits-all pre-fab enterprises come complete with everything you need including a shop front just waiting for your logo above the door and the shop window to be filled with your products.  To demonstrate the viability of the pre-fab enterprise, they built a pet shop (albeit one where no actual animals, customers or transactions were involved). The JBoss, Gluecode and Spring homesteads have all gone into application server production and I wish them well.
Meanwhile, the Webtide/Jetty homestead has grown from a little house on the prairie to a self sufficient village, that supplies custom open source services to many of the new townships, as well as established cities and new homesteads created further out in the frontier. It is a prosperous and vital lifestyle in the village and there was no great need to change.  But as any country boy knows… the bright lights of the big city can be very attractive.  But is the only choice of city life application server production?  Was the future of Jetty only going to be the creation of  yet another pre-fab bungalow factory?   Luckily no!  In Intalio, we’ve found a growing township with a different economic model and an urban plan more to our liking.
Rather than pre-fab infrastructure, Intalio town builds real BPM and CRM solutions running on public or private clouds, which they supply to small, large and huge enterprises.   Intalio is not  an infrastructure vendor, but a solutions vendor. To build these solutions, Intalio needs a supply chain of components and they have chosen to use open source components and to take ownership in much of the means of production of those components. However, the most important aspect of the Intalio urban plan, is that the component providers must remain profitable and competitive producers in their own right.  Intalio needs our components to build their solutions and their requirements will be certainly be a driving force for us. But we will continue to supply and support our quality components to many enterprises and new homesteads. Intalio knows that only by continued exposure to market forces, will their components continue to grow, adapt and make their solutions competative. Webtide in Intalio is not a Detroit metal works making bumper bars for GM and only GM, and there is no protectionist agenda.
Like Jetty’s move to the Eclipse Foundation,  I believe that our choice of acquisition partner reflects our continued commitment to the development of quality component based software that will be accessible and suitable for many  and varied consumers. Our clients and users should only see an improvement to the resources and services that we offer. Our stewardship of the Jetty/cometd projects will continue to be inclusive as it remains in our interests to see these projects used as widely and diversely as possible. Also Intalio will provide us with a comfortable urban base from which we can plan our next expeditions into the noosphere wilderness.
 
 
 
 


 

The release of Firefox 3.5 included several new features for developers.

One of the most interesting new features is the support for cross-domain HTTP requests made with XMLHttpRequest objects (see here for details) or, by using Mozilla’s terminology, cross-origin requests.

It is well known that browsers enforce restrictions on the scripts that they execute, and one such restriction is the same-origin policy, which prevents a document or script loaded from one origin from getting or setting properties of a document from another origin.
Here “origin” means the scheme, host and port of the URL, so for example a script downloaded from http://foo.com could not make a request – via XMLHttpRequest – to http://bar.com (different host) or even http://foo.com:8080 (different port).

This is troublesome, especially for certain kind of applications heavily based on JavaScript like Cometd applications, that often need to interact with different domains.

This same-origin restriction is so troublesome, that bright people figured out different ways of working around it.
For example, in Cometd applications, the JavaScript client can use a transport that allows the Bayeux communication with a server on a different origin; such transport is based on JSONP, a technique that uses the injection of script elements in the DOM to connect to a server on a different domain.
It works, but way less reliably than the standard, same-origin, transport that it is used by default in Cometd applications.

Fortunately this troublesome restriction, which dates back to Netscape Navigator 2.0, has been addressed by a new W3C specification (the Cross-Origin Resource Sharing Specification), that however requires changes in how a client (such as the XMLHttpRequest object) and a server interact.

Firefox 3.5 already implements this specification (and I guess we can expect most if not all other browsers to do the same in short time), so the client part is taken care of.

For the server side, Jetty 7.0.0.RC2 now ships a servlet filter that implements the cross-origin specification allowing, for example, Cometd applications running on Firefox 3.5 to perform Bayeux communication with a server on a different origin using XMLHttpRequest instead of using the JSONP workaround.
Needless to say, this makes the Cometd application more robust and reliable, and it is totally transparent for the application: just use a compliant browser, the latest Cometd JavaScript client and configure Jetty with the cross-origin filter. That’s it.

You can find detailed information regarding Jetty’s cross-origin filter here, and regarding Cometd configuration for cross-origin Bayeux communication here.

The Dojo project has pioneered the implementation of the Bayeux specification, but for example the jQuery project lacked a robust client-side Cometd implementation.
This gap has been filled now, with a shared pure-JavaScript implementation and bindings for both Dojo and jQuery.
This means that the bulk of the Cometd implementation is now in a single, pure-JavaScript file, and that users of either toolkit have a binding (a very small adapter code) that allows developers to use the JavaScript Cometd API as a first class citizen in the either toolkit.
As a small example, this is how you use it in Dojo:

dojox.cometd.publish('/mychannel', { mydata: 'foobar' });

and this is how you use it in jQuery:

$.cometd.publish('/mychannel', { mydata: 'foobar' });

 
A good side effect of all this is that every bug or new feature is fixed or added to the shared pure-JavaScript file, and immediately both toolkits will benefit of that.
The implementation has been totally rewritten since the one historically present in Dojo, and the following are the most interesting features:

• better support for tweaking the configuration
• split configuration and initialization steps to allow more flexibility in case of programmatic disconnects
• extended and clarified the Cometd APIs
• better notifications for failures due to server or network failures
• automatic and configurable connection retries
• incoming message and outgoing message interception
• automatic bayeux transport negotiation, supporting long-polling and callback-polling transports
• extensions such as timesync, message acknowledgement and transparent page reload

Downloads, documentation and code is available at the Cometd website.