Safari's implementation of secure WebSockets (wss) starts off with an SSLv2 handshake[1]. Normal browsing over HTTPs uses TLS[2], so why do WebSocket connections use SSLv2? SSLv2 is known to be insecure[3] and some frameworks even explicitly disable its use[4].
WebSocket connections don't always use SSLv2, however. Opening a secure WebSocket connection to a server immediately after browsing to it over HTTPs results in the WebSocket connection using TLS[2].
Furthermore, Safari's WebSocket connections fail when connecting to a test SSL server that is configured to accept SSLv2[[5]][5]. Is Safari's implementation of SSLv2 even correct?