Hi all, I maintain Faye (http://faye.jcoglan.com), a socket-based pub/sub system for Node and Ruby. For the next release, I'm putting together a guide on securing your Faye server, and I think a lot of what I'm covering applies to other socket-based applications. You can read my draft here:
https://github.com/faye/faye/blob/master/site/src/pages/security.haml I would love some feedback on this. In particular, I am looking for anyone who has implemented CSRF protection and other authentication mechanisms in Faye, Socket.IO, SockJS or plain WebSockets -- I'd like to know how you're implementing such things. -- James Coglan http://jcoglan.com +44 (0) 7771512510 -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
