It al depends, your mayor concern should be the JSONP transport which is
the transport that allows cross-domain compatibility. But then again
web-sockets is also a cross-domain transport. There is an option in the
ape.conf file to disable JSONP, not sure if that will disable web-sockets
crossdomain requests as well.
You can also play with hooks on the connect command
(Ape.registerCmdHook("connect"), that is the command that starts it all.
You check at the requests headers and check for the domain the request is
coming from.
I personally never tried securing my ape servers so im curious what other
have to say.
Sent from my iPhone
On Jul 26, 2012, at 4:32 PM, GlennJ <[email protected]> wrote:
I have (after a struggle) APE server running on my CentOS server and the
Demo's all run etc which is great.
What I don't understand is what's prevent anyone from using my APE server
now? And how would I secure it to specific website addresses/domains?
--
You received this message because you are subscribed to the Google
Groups "APE Project" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/ape-project?hl=en
---
APE Project (Ajax Push Engine)
Official website : http://www.ape-project.org/
Git Hub : http://github.com/APE-Project/
--
You received this message because you are subscribed to the Google
Groups "APE Project" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/ape-project?hl=en
---
APE Project (Ajax Push Engine)
Official website : http://www.ape-project.org/
Git Hub : http://github.com/APE-Project/
