This repository has been archived by the owner on Dec 4, 2022. It is now read-only.
Fix bug XSS Attack
Update lib Froala Editor to prevent XSS attack. Thanks to An Pham for his contribution.
Add encryption between server and client in WebSocket
We add an encrypted communication between server and client by using symmetric cryptography, with a session key that is shared between client and server when the page is loaded. The session key is encrypted by using asymmetric cryptography (RSA) in the exchange phase. The whole communication is the same as the HTTPS establishment.