* the code of server side part of inline push is in: vim /var/ape/commands/inlinepush.js
does proxy.js is for JSF instead? 2011/10/12 Stefano Gargiulo <[email protected]> > I don't thik any kind of encapsulation can prevent this issue. > > I've the same doubt. Where is JSF server side ape code has a password check > feature? > Or anyone installing a JSF on an host and configuring it to my server can > send data to my server channels? > > i individuated the code responsible for password check of inline push > serverside: > > Ape.registerCmd("inlinepush", false, function(params, infos) { > if (params.password == Ape.config("inlinepush.conf", "password")) { > > But what is the equivalent part responsible to receive a JSF send? > It's in javascript (so easly editable for me) or it's hardcoded in C code? > > > 2011/10/12 Pablo Tejada <[email protected]> > >> You can encapsulate your JS code to void any hijackers from using dev >> tools like a browser's console to take control of the JS ape Object. >> >> -- >> You received this message because you are subscribed to the Google >> Groups "APE Project" group. >> To post to this group, send email to [email protected] >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at >> http://groups.google.com/group/ape-project?hl=en >> --- >> APE Project (Ajax Push Engine) >> Official website : http://www.ape-project.org/ >> Git Hub : http://github.com/APE-Project/ >> > > -- You received this message because you are subscribed to the Google Groups "APE Project" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/ape-project?hl=en --- APE Project (Ajax Push Engine) Official website : http://www.ape-project.org/ Git Hub : http://github.com/APE-Project/
