Hi!
minor correction: In the blog the registeredcmd in js doesn't match up with cmd
sent from php. ('securepush', and 'inlinepush' respectively) Thank you :o)I´ll
correct this.
Instead of sending to a channel and searching through the userlist for a custom
property. Couldn't you just send to a user by there pubid?hmm, I thought about
this, too. There are two problems I see with that.
First the pubid must be known to the script/application doing the inline
push.So there must be some kind of publishing the pubid in a connect
hook. That´s a minor problem but comes with some complexity.
The second one is, that the solution is meant to be used with allready
existingUser accounts. So there must be a way of preventing a "bad user" to
connectto a channel with someothers username/nick or otherwise preventing us
fromsending him private messages. So how can we make absolutely sure, that we
broadcast to the right user? As far as I can think, only by using some kind of
secret/session key.
But maybe I missed something. I don´t claim this approach to be THE solution
for the problem, but A solution. There might be betterones, but this one is
just easy to implement. Timo
--- Perrin Perrin <[email protected]> schrieb am Mo, 15.3.2010:
Von: Perrin Perrin <[email protected]>
Betreff: Re: [APE Project] secure inlinepush - blogpost
An: [email protected]
Datum: Montag, 15. März, 2010 20:50 Uhr
Timo:
minor correction: In the blog the registeredcmd in js doesn't match up with cmd
sent from php. ('securepush', and 'inlinepush' respectively)
Question: Instead of sending to a channel and searching through the userlist
for a custom property. Couldn't you just send to a user by there pubid?
(http://www.ape-project.org/docs/server/users/getuserbypubid.html)
--CrypticSwarm
On Mon, Mar 15, 2010 at 2:29 PM, Timo Michna <[email protected]> wrote:
Hi!
As I promised I wrote a blogpost on how to implement a secure inline push in
APE.You can find it
here:http://blog.esfex.com/How-to-implement-a-secure-push-to-APE-Ajax-Push-Engine.html
I hope I can write a scond one in the next days for the approach couldstill
need some improvement.
Timo
__________________________________________________
Do You Yahoo!?
Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz gegen
Massenmails.
http://mail.yahoo.com
--
You received this message because you are subscribed to the Google
Groups "APE Project" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/ape-project?hl=en
---
APE Project (Ajax Push Engine)
Official website : http://www.ape-project.org/
Git Hub : http://github.com/APE-Project/
--
You received this message because you are subscribed to the Google
Groups "APE Project" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/ape-project?hl=en
---
APE Project (Ajax Push Engine)
Official website : http://www.ape-project.org/
Git Hub : http://github.com/APE-Project/
__________________________________________________
Do You Yahoo!?
Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz gegen
Massenmails.
http://mail.yahoo.com
--
You received this message because you are subscribed to the Google
Groups "APE Project" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/ape-project?hl=en
---
APE Project (Ajax Push Engine)
Official website : http://www.ape-project.org/
Git Hub : http://github.com/APE-Project/
