Friday, 7 October 2016

Exploring Node

So I've been spending quite a bit of my spare time looking into node. It's actually more interesting than I first thought, Mainly because I can run it on my Raspberry Pi.

Currently I have a chat server running which uses This was incredibly easy to set up a basic chat server (when I say basic, I mean basic..). I've been customising it visually and logically for a few days now.

Visually I have decided to make it look like a Linux terminal, this is done mainly with CSS but also with a JQuery plugin called Typed.js. I've used this before for other projects and I find it easy to use and it does what it says on the tin.

Logically I have enabled it to recognise URLs using regex, this was the easy part... I wrote the sendMessage functionality so the message sent would ignore HTML and JavaScript in order to stop injection attacks. This seems like a good idea at the time. Later on I introduced the regex to spot URLs in a string and apply the <a href> tag to them. when testing this i got the following:

Karl: This is a test <a href=""></a> end of test

So my way around this was to break up the message but keep the order, each URL found would be inserted as HTML, everything else inserted as text. I'm researching into how other chat clients resolve this issue, I think my way my have some security vulnerabilities, but hey, it's a good way to learn.

I'm also looking into file sharing and possibly enabling some kind of webcam chat. I'm currently looking at socket-signaler-client which I think has the ability to give me what I want.

No comments:

Post a Comment