WoT Book – Errata

This page contains all the edits and changes in the WoT book. If you notice any errors, typos, or mistakes, we would really appreciate if you could post them on the book forum or simply contact us directly.

Chapter 1

None so far.

Chapter 2

None so far.

Chapter 3

None so far.

Chapter 4

  • “At the time of writing, Node 4.x is the latest long-term support (LTS) version of Node.js, therefore the code in the book may not work with Node v > 4.x”

Chapter 5

  • Figure 5.7 – 2nd arrow (“syn ack”) should be the other way around
  • section 5.4.2, “butcan” should be “but can”
  • p134 “TPC/IP” should be “TCP/IP”
  • Add LPWAN to the chapter 5 network graph (todo new graph)

Chapter 6

None so far.

Chapter 7


Chapter 8

None so far.

Chapter 9

  • Section 9.2.1: JSON Web Tokens do NOT provide encryption, unless you use a companion standard called JWE, which you should do if you are unable to transfer your data over TLS or DTLS. The JSON is simply BASE64 + an encrypted signature based on the JSON content with a pre-shared key between servers. This allows the server to trust the content of JWT, but does not do anything to hide that content. In most cases, you’d still want to transmit the JWT over a TLS connection. Meanwhile people can learn about the difference between JWT and JWE here: https://securedb.co/community/jwt-vs-jws-vs-jwe/
In routeCreator (cappedPush)
router.route(actions.link + ‘/:actionType’).post(function (req, res, next) {
var action = req.body;
action.id = uuid.v1();
action.status = “pending”;
action.timestamp = utils.isoTimestamp();
utils.cappedPush(actions.resources[req.params.actionType].data, action);
res.location(req.originalUrl + ‘/’ + action.id);next();

In websocket.js and coreplugin.js
* Fake Array.Observe if not available
var ArrayObserver = Array.observe || function (resource, callback, extra) {
resource.push = function (data) {
Array.prototype.push.call(resource, data);
callback([{object: resource}]);