WebsocketPie icon indicating copy to clipboard operation
WebsocketPie copied to clipboard

Published 20 hours ago verified publisher icon jdoleary

Security

Open jdoleary opened this issue 5 years ago • 3 comments

https://devcenter.heroku.com/articles/websocket-security

jdoleary avatar Dec 07 '19 12:12 jdoleary

Better idea: people who "own" the server can send a one-time configuration message to it which will specify the schema of allowed messages, everything else will be dropped.

jdoleary avatar Dec 21 '19 14:12 jdoleary

How important is limiting the schema really? Won't clients only react to specific message anyway? And the server only reacts to certain messages too.

matt-sweda avatar Dec 21 '19 16:12 matt-sweda