Document heartbeat support in SockJS

src/asciidoc/index.adoc

@@ -37355,25 +37355,26 @@ be cached. For details on how to enable it see the
 https://github.com/sockjs/sockjs-client[SockJS client] page.
 ====
 
-[[websocket-fallback-cors]]
+[[websocket-fallback-sockjs-heartbeat]]
-==== SockJS and CORS
+==== Heartbeat Support in SockJS
 
-The SockJS protocol uses CORS for cross-domain support in the XHR streaming and
+The SockJS protocol requires servers to send heartbeat messages to preclude proxies
-XHR polling transports. CORS headers are automatically added to SockJS requests
+from concluding a connection is hung. The Spring SockJS configuiration has a property
-for transports that require it as well as for the initial `"/info"` request.
+called `heartbeatTime` that can be used to customize the frequency. By default a
+heartbeat is sent after 25 seconds assuming no other messages were sent on that
+connection. This 25 seconds value is in line with the following
+http://tools.ietf.org/html/rfc6202[IETF recommendation] for public Internet applications.
 
-Spring's `SockJsServce` implementation checks for the presence of the CORS
+[NOTE]
-`"Access-Control-Allow-Origin"` header in the response. If present, no new CORS
+====
-headers are added, essentially assuming that CORS support is configured
+When using STOMP over WebSocket/SockJS, if the STOMP client and server negotiate
-centrally, e.g. through a Servlet Filter. Otherwise the following are added:
+heartbeats to be exchanged, the SockJS heartbeats are disabled.
+====
 
-* `"Access-Control-Allow-Origin"` - intitialized from the value of the "origin" request header or "*".
+The Spring SockJS support also allows configuring the `TaskScheduler` to use
-* `"Access-Control-Allow-Credentials"` - always set to `true`.
+for scheduling heartbeats tasks. The task scheduler is backed by a thread pool
-* `"Access-Control-Request-Headers"` - initialized from values from the equivalent request header.
+with default settings based on the number of available processors. Applications
-* `"Access-Control-Allow-Methods"` - the HTTP methods a transport supports (see `TransportType` enum).
+should consider customizing the settings according to their specific needs.
-* `"Access-Control-Max-Age"` - set to 31536000 (1 year).
-
-For the exact implementation, see `addCorsHeaders` in `AbstractSockJsService`.
 
 [[websocket-fallback-sockjs-servlet3-async]]
 ==== SockJS and Servlet 3 Async Support
@@ -37403,6 +37404,26 @@ defined in `AbstractSockJsSession`. If you need to see the stack traces, set tha
 log category to TRACE.
 ====
 
+[[websocket-fallback-cors]]
+==== SockJS and CORS
+
+The SockJS protocol uses CORS for cross-domain support in the XHR streaming and
+XHR polling transports. CORS headers are automatically added to SockJS requests
+for transports that require it as well as for the initial `"/info"` request.
+
+Spring's `SockJsServce` implementation checks for the presence of the CORS
+`"Access-Control-Allow-Origin"` header in the response. If present, no new CORS
+headers are added, essentially assuming that CORS support is configured
+centrally, e.g. through a Servlet Filter. Otherwise the following are added:
+
+* `"Access-Control-Allow-Origin"` - intitialized from the value of the "origin" request header or "*".
+* `"Access-Control-Allow-Credentials"` - always set to `true`.
+* `"Access-Control-Request-Headers"` - initialized from values from the equivalent request header.
+* `"Access-Control-Allow-Methods"` - the HTTP methods a transport supports (see `TransportType` enum).
+* `"Access-Control-Max-Age"` - set to 31536000 (1 year).
+
+For the exact implementation, see `addCorsHeaders` in `AbstractSockJsService`.
+
 [[websocket-fallback-sockjs-explained]]
 ==== How SockJS Works
 This is a question beyond the scope of this document. The SockJS protocol