search

JavaChilly / dome-client.js

a node.js/socket.io web app which a MOO can run for its users to connect with. uses no flash or java.
BSD 3-Clause "New" or "Revised" License
23 stars 16 forks source link

Connections to any Telnet server allowed despite config prohibiting it. #14

Open wowpin opened 5 years ago

wowpin commented 5 years ago

It has come to my attention that dome client makes connection to any server without an issue by following links constructed as such:

http://<CLient IP>/player-client/?game=sd&gh=<Arbitrary Telnet Server>&gp=23&cs=true&as=dbl&et=twilight&of=standard

This is despite following option being set in default.js

    'mode'         : 'production',
// do you want your webclient to allow users to connect to any game => true
// do you want your webclient to connect users only to your game => false
    'connectAnywhere': false,