
Public Chat Web Application Source Code on GitHub - bisratyalew
https://github.com/BisratYalew/Real-Time-Public-Chat
======
geekuillaume
Nice work! Some time ago I worked on a similar project for a client but with
much bigger scaling needs (300k+ concurrent connections). My client authorized
me to publish the project with an open licence. It's available here if you
want to take a look:
[https://github.com/geekuillaume/chatup](https://github.com/geekuillaume/chatup)

------
Krasnol
Interesting. Someone somehow attempted to open a new tab with pornhub while I
was in the demo chatroom. Nothing was visible in the chat itself.

~~~
doque
Probably XSS: [https://github.com/BisratYalew/Real-Time-Public-Chat/blob/ma...](https://github.com/BisratYalew/Real-Time-Public-Chat/blob/master/js/main.js#L77)

------
dvcrn
Uhm, yeah it works but it's just a barebones chat using socket.io or am I
missing something here?

~~~
makepanic
Including no input/output sanitization which leads to XSS issues.

~~~
annnoo
I did something similar for a university project to show why input/output
sanitization is so important. Very simple project (~100 lines iirc) but it did
the job!

[https://github.com/annnoo/websocket-chatxss](https://github.com/annnoo/websocket-chatxss)

In my opinion the most fun thing you can inject is the "Katamari"-Script:
[http://kathack.com/](http://kathack.com/)

------
magnetomax
It needs to sanitize the input text. Very important from a security perspective.
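
The missing input/output sanitization raised in the replies above, shown as an added example that is not part of the thread or the project's code: a chat message rendered by string concatenation beside the output-encoded version, plus a server-side shape check. All function names, field names and length limits are assumptions made for illustration.

```javascript
// Added example; names (escapeHtml, renderMessage*, validateMessage) are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can change the HTML parsing context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// BEFORE: message fields are concatenated into markup unchanged,
// so any tag or event handler in the text becomes live markup for every viewer.
function renderMessageUnsafe(msg) {
  return '<div class="msg"><b>' + msg.user + '</b>: ' + msg.text + '</div>';
}

// AFTER: every untrusted field is encoded at the point of output.
function renderMessageSafe(msg) {
  return '<div class="msg"><b>' + escapeHtml(msg.user) + '</b>: ' +
         escapeHtml(msg.text) + '</div>';
}

// Server-side check before broadcasting: reject wrong types, empty and
// oversized fields. This complements output encoding, it does not replace it.
const MAX_USER = 32;   // assumed limit
const MAX_TEXT = 500;  // assumed limit
function validateMessage(msg) {
  if (msg === null || typeof msg !== 'object') return null;
  const { user, text } = msg;
  if (typeof user !== 'string' || typeof text !== 'string') return null;
  const u = user.trim();
  const t = text.trim();
  if (!u || !t || u.length > MAX_USER || t.length > MAX_TEXT) return null;
  return { user: u, text: t };
}

// Constructed sample input, not taken from the demo chatroom.
const SAMPLE = { user: 'guest', text: '<img src=x onerror="alert(1)">' };

function demo() {
  const clean = validateMessage(SAMPLE);
  return { unsafe: renderMessageUnsafe(clean), safe: renderMessageSafe(clean) };
}

console.log(demo());
```

In browser code, assigning the message to an element's `textContent` instead of building an HTML string gives the same protection without a hand-written encoder.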

------
freddie02
open console. type this setInterval(() => {$('.msg_send_btn').click()},50);

