
Ask HN: Break my Go chat app, please - ehonda
Made a small chat program in Go. Looking for maybe a couple people to take a poke at it and maybe find bugs.<p>Can reach it here: wiby.me&#x2F;chat<p>The source can also be looked at from there. The idea is to make it work on pretty much any browser on any system from the last 30 years, and fit on a 9&quot; mac. Anyhow, I am looking for some free labor to test it out.<p>Thank you in advance.
======
Someone
It’s inefficient to read the list of swear words every time _swearfilter_ is
called (and similarly for _checkban_ and _checkAdminIP_ )

The way it is implemented, you’ll also have quite a few false positives
([https://en.wikipedia.org/wiki/Scunthorpe_problem](https://en.wikipedia.org/wiki/Scunthorpe_problem))

Also, is it common idiom in Go to both _defer f.Close()_ and manually call
_f.Close()_? Seems noisy to me (and would, in many other systems, give an
error when the deferred code tries to close an already closed file)

Other issue: from glancing at the code, the 403 page doesn’t seem to return a
403 status code.

~~~
ehonda
>It’s inefficient to read the list of swear words every time swearfilter is
called (and similarly for checkban and checkAdminIP)

Agreed, its not efficient.

>The way it is implemented, you’ll also have quite a few false positives

Yes. The filter is only for a handful of swearwords, I wouldn't bother making
it larger since people can easily circumvent it with various characters.

>Also, is it common idiom in Go to both defer f.Close() and manually call
f.Close()? Seems noisy to me (and would, in many other systems, give an error
when the deferred code tries to close an already closed file)

Honestly, I don't know. This was just based on some file io tutorials I
referenced. Might be able to not have that defer statement at all. I haven't
tried.

>Other issue: from glancing at the code, the 403 page doesn’t seem to return a
403 status code.

Good catch.

~~~
Someone
_”Yes. The filter is only for a handful of swearwords, I wouldn 't bother
making it larger since people can easily circumvent it with various
characters.”_

That’s not the problem I mentioned. _False positive_ means cases where your
filter thinks it sees a swear word, while there is none. Cases where there are
swear words that the code doesn’t detect are false negatives.

 _”Might be able to not have that defer statement at all”_

That wouldn’t be robust. _defer_ guarantees the file gets closed, no matter
how the function is exited. That’s what you want (almost all the time). It’s
the _close_ just before returning that’s superfluous.

