Updated Chatroom
posted to Share by LoneAce

@LoneAce assuming you don't log it, no. but i could try and bruteforce the endpoints anyways. point is, there was zero security in the architecture to begin with, open sourcing it would only save me the time

Updated Chatroom
posted to Share by LoneAce

@LoneAce you should really just open source the server. i highly doubt that there's anything that would be an issue exposing to the public assuming you secured the appropriate data

Updated Chatroom
posted to Share by LoneAce

@LoneAce

  1. authentication via ip addresses is insecure as ip addresses can change and don't represent single people
  2. you can't as your repl is behind a reverse proxy anyways, and the returned ip from the ip layer would be that of the proxy. (but it may be accessible through a header)
Updated Chatroom
posted to Share by LoneAce

@superwhiskers here. https://chatroom-database.loneace.repl.co/public this is the url to the secret of the public chatroom.

to remedy this, i'd suggest having the server itself proxy messages to a store and require authentication on the serverside for moderation actions

Updated Chatroom
posted to Share by LoneAce

@GabeEE you don't even need to have the password, or crack it, or anything. all you need to do it remove the code that checks the password/removes [MOD] and you're good. the "server" itself only returns a jsonstore secret anyways so all you need to do is take that and you can edit anything you want, even wipe the chat.

Golang Type Conversion
posted to Ask by ArchieMaclean

(already answered on discord, but i'll post it here for others to see)

i believe you could just assert the type for the document as being a map[string]interface{} and then assert the value you get (e.g. at key username) as being a string, or if you're confident that all values in the json document are strings, you can assert the document as being a map[string]string

also, you can't access the username key with .username on the document, you need to do map access (e.g. resp["username"])

First time C
posted to Ask by vicenzo

on any line where you see close, you are closing a file by it's file descriptor. anywhere where you see write, you are writing to a file by it's file descriptor. what the file descriptors here appear to be referencing are pipes that you create on lines 17 and 19. so you're basically writing to and closing pipes on the lines that you provided me

pypy.repl - python3.5 compatible pypy on repl.it!
posted to Share by superwhiskers

@replitcode i'm not sure if there are any pypy-specific modules, but pypy is faster so you can take advantage of that

undertale-themed realtime text chat thing
posted to Share by superwhiskers

oh yeah, it's because it uses a contenteditable div as the textarea

undertale-themed realtime text chat thing
posted to Share by superwhiskers

@amasad ah, yeah that was a limitation i imposed (i forgot why). i might add it again

undertale-themed realtime text chat thing
posted to Share by superwhiskers

@Zavexeon sadly, i don't think i can do much about that :p

undertale-themed realtime text chat thing
posted to Share by superwhiskers

@amasad, you can't see it on your end because of how it was designed, but everyone else can!
(it's mostly because if it dynamically updated it in your textfield, it would interfere with editing your message, you can see the markdown-formatted text by opening a new tab and viewing your message box)

undertale-themed realtime text chat thing
posted to Share by superwhiskers

@NecrozmaSpin it's technically named sanschat so i just went with comic sans to follow the theme

📕Language Learning Club 🤓
posted to Announcements by amasad

sure, sounds interesting