Adding Protection
Olivier BONNAURE committed Jul 30, 2010
1 parent dc005ae commit 180c104
Showing 1 changed file with 89 additions and 88 deletions.
177 changes: 89 additions & 88 deletions server-io.js
Expand Up @@ -8,7 +8,7 @@ var http = require("http"),
nicks = {},
rooms = {},
ignore_uniq = false,
allowed_domains = ["http://chat.solisoft.net"]; // Not used for now
allowed_domains = ["chat.solisoft.net:8090"]; // Not used for now

for(var i = 0; i < allowed_domains.length; i++) {
allowed_domains[i] = allowed_domains[i].replace(new RegExp("\\.", "g"), "\\.").replace(new RegExp("\\/", "g"), "\\/");
Expand Down Expand Up @@ -66,50 +66,49 @@ function uniqNick(client, nick) {
}

var httpServer = http.createServer(function(req, res) {
if(true) {
if(req.method == "HEAD") {
res.end();
} else {
var path = url.parse(req.url).pathname;
if(path == "/") path = "/client-io.html";
switch (path) {
default:
if (/\.(js|html|swf|wav|css)$/.test(path)){
try {

var ct = "text/html";
var mode = "utf8";

if(path.substr(-4) === '.swf') {
ct = "application/x-shockwave-flash";
mode = "binary";
}
if(path.substr(-3) === '.js') ct = "text/javascript";
if(path.substr(-4) === '.css') ct = "text/css";
if(path.substr(-4) === '.wav') {
ct = "audio/x-wav";
mode = "binary";
}
res.writeHead(200, {'Content-Type': ct });
res.write(fs.readFileSync(__dirname + path, mode), mode);
res.end();
} catch(e){
send404(res);
}
break;
}
send404(res);
if(req.method == "HEAD") {
res.end();
} else {
var path = url.parse(req.url).pathname;
if(path == "/") path = "/client-io.html";
switch (path) {
default:
if (/\.(js|html|swf|wav|css)$/.test(path)){
try {

var ct = "text/html";
var mode = "utf8";

if(path.substr(-4) === '.swf') {
ct = "application/x-shockwave-flash";
mode = "binary";
}
if(path.substr(-3) === '.js') ct = "text/javascript";
if(path.substr(-4) === '.css') ct = "text/css";
if(path.substr(-4) === '.wav') {
ct = "audio/x-wav";
mode = "binary";
}
res.writeHead(200, {'Content-Type': ct });
res.write(fs.readFileSync(__dirname + path, mode), mode);
res.end();
} catch(e){
send404(res);
}
break;
}
}
} else { res.end(); send404(res); }
}
send404(res);
break;
}
}
});

httpServer.listen(8090);

var socket = io.listen(httpServer);

socket.on("connection", function(client){

sys.puts("<"+client.sessionId+"> connected");

client.on("disconnect", function() {
Expand All @@ -124,63 +123,65 @@ socket.on("connection", function(client){
});

client.on("message", function(message) {
var allowed = false;
for(domain in allowed_domains) {
if(domain == client.request.headers.host) allowed = true;
}
sys.puts(message);
try { sys.puts("HEAD" + sys.inspect(client.request.headers.host)); } catch(e) { sys.puts(e); }
var msg = message.split(" ");
sys.puts(msg);
switch (msg[0]) {
case "/whoami":
client.send(json({ msg: "/hello " + client.sessionId.toString() }));
break;
case "/nick":
if(ignore_uniq || uniqNick(client, msg.slice(1).join(" ").trim())) {
if(allowed) {
var msg = message.split(" ");
sys.puts(msg);
switch (msg[0]) {
case "/whoami":
client.send(json({ msg: "/hello " + client.sessionId.toString() }));
break;
case "/nick":
if(ignore_uniq || uniqNick(client, msg.slice(1).join(" ").trim())) {
if(nicks[client.sessionId.toString()] == undefined) nicks[client.sessionId.toString()] = {};
nicks[client.sessionId.toString()]["nick"] = msg.slice(1).join(" ").trim();
client.send(json({ msg: "/your_nick " + msg.slice(1).join(" ").trim() }));
sendNicksList(client, msg.slice(1).join(" "));
} else client.send(json({ msg: "/notice Login " + msg.slice(1).join(" ").trim() + " already used"}));
break;
case "/join":
if(nicks[client.sessionId.toString()] == undefined) nicks[client.sessionId.toString()] = {};
nicks[client.sessionId.toString()]["nick"] = msg.slice(1).join(" ").trim();
client.send(json({ msg: "/your_nick " + msg.slice(1).join(" ").trim() }));
sendNicksList(client, msg.slice(1).join(" "));
} else client.send(json({ msg: "/notice Login " + msg.slice(1).join(" ").trim() + " already used"}));
break;
case "/join":
if(nicks[client.sessionId.toString()] == undefined) nicks[client.sessionId.toString()] = {};
if(nicks[client.sessionId.toString()]["rooms"] == undefined) nicks[client.sessionId.toString()]["rooms"] = [];
nicks[client.sessionId.toString()]["rooms"].push(msg.slice(1).join(" "));
broadCast(client, msg.slice(1).join(" "),"/join " + nicks[client.sessionId.toString()]["nick"] + " joined the #" + msg.slice(1).join(" ") + " room");
break;
case "/msg":
broadCast(client, msg[1], "/msg " + msg.slice(2).join(" "));
break;
case "/list":
sendNicksList(client, msg.slice(1).join(" "));
case "/writing":
//broadCast(client, msg[1], "/writing " + client.sessionId);
break;
case "/pm":
try {
client.send_to(msg[1], json({ msg: HTMLEncode("/msg " + msg.slice(2).join(" ")), room: HTMLEncode("/pm"), from: HTMLEncode(client.sessionId), name: HTMLEncode(nicks[client.sessionId]["nick"]), toname: HTMLEncode(nicks[client.sessionId]["nick"]) }));
client.send_to(client.sessionId, json({ msg: HTMLEncode("/msg " + msg.slice(2).join(" ")), room: HTMLEncode("/pm"), from: HTMLEncode(client.sessionId), name: HTMLEncode(nicks[msg[1]]["nick"]), to: msg[1], toname: HTMLEncode(nicks[client.sessionId]["nick"]) }));
} catch(e) { sys.puts(e); }
break;
case "/part":
var pos = nicks[client.sessionId]["rooms"].indexOf(msg.slice(1).join(" "));
if(pos >= 0) nicks[client.sessionId]["rooms"].splice(pos,1);
sendNicksList(client, msg.slice(1).join(" "));
broadCast(client, msg.slice(1).join(" "), "/part " + client.sessionId);
break;
case "/sessionId":
ignore_uniq = true;
client.sessionId = msg[1];
client.send(json({ msg: "/your_id " + msg[1] }));
break;
default:
if(nicks[client.sessionId.toString()]["rooms"] == undefined) nicks[client.sessionId.toString()]["rooms"] = [];
nicks[client.sessionId.toString()]["rooms"].push(msg.slice(1).join(" "));
broadCast(client, msg.slice(1).join(" "),"/join " + nicks[client.sessionId.toString()]["nick"] + " joined the #" + msg.slice(1).join(" ") + " room");
break;
case "/msg":
broadCast(client, msg[1], "/msg " + msg.slice(2).join(" "));
break;
case "/list":
sendNicksList(client, msg.slice(1).join(" "));
case "/writing":
//broadCast(client, msg[1], "/writing " + client.sessionId);
break;
case "/pm":
try {
client.send_to(msg[1], json({ msg: HTMLEncode("/msg " + msg.slice(2).join(" ")), room: HTMLEncode("/pm"), from: HTMLEncode(client.sessionId), name: HTMLEncode(nicks[client.sessionId]["nick"]), toname: HTMLEncode(nicks[client.sessionId]["nick"]) }));
client.send_to(client.sessionId, json({ msg: HTMLEncode("/msg " + msg.slice(2).join(" ")), room: HTMLEncode("/pm"), from: HTMLEncode(client.sessionId), name: HTMLEncode(nicks[msg[1]]["nick"]), to: msg[1], toname: HTMLEncode(nicks[client.sessionId]["nick"]) }));
} catch(e) { sys.puts(e); }
break;
case "/part":
var pos = nicks[client.sessionId]["rooms"].indexOf(msg.slice(1).join(" "));
if(pos >= 0) nicks[client.sessionId]["rooms"].splice(pos,1);
sendNicksList(client, msg.slice(1).join(" "));
broadCast(client, msg.slice(1).join(" "), "/part " + client.sessionId);
break;
case "/sessionId":
ignore_uniq = true;
client.sessionId = msg[1];
client.send(json({ msg: "/your_id " + msg[1] }));
break;
default:
break;
break;
break;
}
} // Switch
} // If allowed
});

client.send(json({ msg: "/hello " + client.sessionId }));



});
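Review bot: The `allowed` check at the top of the `message` handler never compares against the configured hosts, because `for(domain in allowed_domains)` iterates array indices ("0", "1", …) rather than values, so `domain == client.request.headers.host` can only succeed for a Host value equal to an index and every normal client's commands are silently dropped. Iterating the values would still not match, since the loop near the top of the file rewrites each entry into a regex-escaped string (`chat\.solisoft\.net:8090`) that no longer equals a raw Host header. Keeping an unescaped list and writing `var allowed = allowed_domains.indexOf(client.request.headers.host) !== -1;` would fix both and also remove the implicit global `domain`. Separately, Host is supplied by the client, so this check only filters on the name used to reach the server; limiting which sites may connect from a browser would need a check on the Origin header, and neither is a substitute for authentication. The handler body is shown twice on this page (old and new), and the point applies to the version wrapped in `if(allowed) {`.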

