You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Good catch, this is probably one of the downsides of using my own HTTP trigger rather than the Function extensions & bindings/triggers for Web PubSub
But I couldn't find a way to get them to work in a Static Web App
I think it’s totally valid to use your own http function. There’ll be an input binding that will do this work for you that should be available in a few months to simplify this a lot.
In the meantime it would be great to update this sample in case someone copies it. Maybe just adding a comment near that userId line that indicates this is missing would be helpful. Thanks for putting this together!
It looks like the current sample is vulnerable to spoofing. The function should validate the signature on every request: https://azure.github.io/azure-webpubsub/references/protocol-cloudevents.html#web-pubsub-service-atrribute-extension
chatr/api/eventHandler/index.js
Line 43 in 67e1241
The text was updated successfully, but these errors were encountered: