|
|
|
|
|
|
by rohitnair
5178 days ago
|
|
|
Kudos for sharing this and showing how easy it is to use node.js and socket.io (for those who haven't tried out socket.io, you really should) I implemented something similar for my side project recently, but instead of using an HTTP end point, I used redis and it's in built pub/sub layer. Pushing events is then a simple matter of publishing messages on redis channels. My node.js code listens to these redis channels and pushes the events upstream to the browsers via websockets, exactly as you do. Another thing I'd suggest you to highlight (or rather warn) is your use of eval. In the use cases you've mentioned (message board or chat room), you're essentially going to eval user input. Any attacker who knows this will most definitely try to perform XSS. |
|
|