Now.js and secure

257 Views Asked by ElSajko At 07 April 2025 at 04:37

i've made some chat application in Node.js with now.js. And now I think up about something. There are two files.. server.js, and client.js and everyone can steal client.js file and run it on another hosting to get benefits of my server.js work. How can I prevent it?

This is about that client.js connect with host by domain and port:

window.now = nowInitialize("http://address.com:6564");

How make it more secure, for example only clients (js files) from my host(address.com) can connect with my host.

Original Q&A

There are 2 best solutions below

nembleton On 27 July 2012 at 01:09 BEST ANSWER

How does your users get authentified into you chat? Is there a registration or anything?

Maybe a token or a secure key would do it? Or a secure cookie ( sorry ... but at least invisible to the user ) with the said token? And without a token you couldn't access your services?

Ruben Verborgh On 26 July 2012 at 12:55

If your concern is that other servers can use your server with the client code: this should not be an issue because of the Same Origin Policy. Only if your server specifically allows it, will clients from other hosts be able to communicate with it.

Just try it out from a different domain name (or even localhost): you will see your browser won't let you make cross-domain requests.

(As an example, you can see this StackOverflow post were a user could not get Socket.IO working over different host/post combinations.)

UPDATE

It would work like this:

enter image description here

Now.js and secure

There are 2 best solutions below

Related Questions in JAVASCRIPT

Related Questions in NODE.JS

Related Questions in CLIENT

Related Questions in NOWJS-SOCKETS

Trending Questions

Popular # Hahtags

Popular Questions