2

Let's say I have a socket.io event called 'add' which takes 0 parameters and when received on the server side, increments a count variable and then emits the new count value to every client. How can I stop people from essentially opening up the JS console and using a loop like:

for(var i = 0; i < 1000; i++) {
    socket.emit('add');
}

Another scenario which may make more sense is: how can I detect flooding in, say, a chatting application?

I fully understand that there's nothing one can really do to ensure that client side code isn't manipulated by user.

How would one go about adding some form of timeout for each socketio event handler for each client?

user3530525
  • 691
  • 3
  • 8
  • 20
  • See http://stackoverflow.com/questions/22110010/node-socket-io-anything-to-prevent-flooding – Xodrow Oct 26 '15 at 18:01
  • @Xodrow I've seen that, that's for throttling actual data sent to the server. I don't think it's a timeout at all. It's a mb/s throttle. I'm looking for some form of socket emit event handler that checks the previous time of each previous event from the same socket. – user3530525 Oct 27 '15 at 00:09
  • why not augmenting the client with `lasttime = Date.now()` and check if `lasttime - Date.now() > fixedtimeout` ? – Anonymous0day Oct 28 '15 at 12:49
  • @Anonymous0day I actually ended up doing that using a key val array to store client addresses along with previous message time and then checking if the difference between the time was less than 100ms. Submit this as an answer and I'll select it. – user3530525 Oct 28 '15 at 15:34

1 Answers1

0

Just for validation :

why not augmenting the client with lasttime = Date.now() and check if lasttime - Date.now() > fixedtimeout

or :

using a key val array to store client addresses along with previous message time and then checking if the difference between the time was less than 100ms

:-)

Anonymous0day
  • 3,012
  • 1
  • 14
  • 16