CalChat is a web app that hosts chatrooms for every class and building on campus with the goal of connecting the cal campus community. By logging in with Facebook, students can talk to fellow students in the same building or class, make friends, find study partners, and stay in the loop.
in chat.js:50, the socket.on('online') function, mapping returns too much sensitive information about all the online users in the room. for example, i can see the private key and title of all their group chats as well as what their special value is and whether they enabled their phone/email for notifications (?).
probably want to patch this up to prevent ppl cough from joining secret rooms.
in chat.js:50, the socket.on('online') function, mapping returns too much sensitive information about all the online users in the room. for example, i can see the private key and title of all their group chats as well as what their special value is and whether they enabled their phone/email for notifications (?).
probably want to patch this up to prevent ppl cough from joining secret rooms.