WingNews logo WingNews GitHub [2]
top | item 4000283

My weekend project: anonymous, realtime message board with socket.io

45 points| ecto | 14 years ago |oak.io | reply

This is just a simple node app on a small Joyent server!

43 comments

order
[+] opendomain|14 years ago|reply
Do NOT go to this service! It does not filter JavaScript and so is succeptble to XSS and other hacks. I sent on and clicked on a chat named 'Natalie portman' and it can up with an alert box that said 'no chance bro' and kept on popping up and I had to shut down my browser. Other than that - pretty kewl! Is the code open source?
[+] ecto|14 years ago|reply
I actually got tricked by that too haha. I went into the database and deleted that, and pushed a fix to production.
[+] chrisbroadfoot|14 years ago|reply
Who cares if it's open to XSS? Does the site have a cookie you care about?

If it's truly anonymous, then it doesn't matter if someone forges your cookie.

[+] joshryandavis|14 years ago|reply
It is a fun little site, I really enjoyed playing with it. You really need to add some spam prevention, title & comment length limits, fix exploits, etc.

I wanted to play around with it some more, but it's just pure spam now.

[+] ecto|14 years ago|reply
Thanks! I really hate spammers :\
[+] ecto|14 years ago|reply
This is just on a small Joyent server, running one process. I started it Friday night so there's still a few holes.
[+] sudonim|14 years ago|reply
Yeah, like it's not anonymous. Someone figured out that you can see all ip addresses (tied to comments) when you open up firebug.
[+] shousper|14 years ago|reply
It's like real-time reddit.. its be fun, but probably hard to make constructive, lol

I like it, and envy the fact you could just create this on a whim over a weekend. I wish I had that kind of discipline when it comes to some of my spontaneous ideas!

[+] DigitalSea|14 years ago|reply
This is actually a lot of fun man, kudos.
[+] ecto|14 years ago|reply
Thanks! I had a lot of fun writing it!
[+] bromagosa|14 years ago|reply
Cool one!

It'd probably be a good idea to crop titles and contents if they exceed a particular length.

[+] ecto|14 years ago|reply
Doing this right now!
[+] ecto|14 years ago|reply
I just added a basic spam detector and truncated title lengths :|
[+] ecto|14 years ago|reply
Also I had to upgrade my RAM pretty fast haha. Should be better now.
[+] brettbergeron|14 years ago|reply
Nice work dude! This is like 4chan, but real-time :D
[+] ecto|14 years ago|reply
I'll take that as a compliment haha.
[+] vics|14 years ago|reply
Nice MVP with critical mass reached.
[+] ma2xd|14 years ago|reply
What kind of server do you use?
[+] ecto|14 years ago|reply
This is just a single process on a Joyent SmartMachine. It's the first time I've used them and I've been pleased!
[+] pcopley|14 years ago|reply
So you built 4chan without the user base.
[+] voxx|14 years ago|reply
lol the xss possibilities on this thing are making me drool a bit

and that guy is not going to get banned

[+] ecto|14 years ago|reply
I patched up the ones that were apparent, but I'm sure there's still some open.