sagarankoliya / realtime-private-chat-nodejs-socketio-vuejs-laravel

Realtime Private Chat NodeJS SocketIO Vue JS Laravel

Wrong way to put auth::id() in the meta tag #1

Closed: alquhait closed this issue 6 years ago

alquhait commented 6 years ago

Malicious users can change the content of the meta tag user_id to send messages from any other user. So you may change the way user_id is set, and it should be inside the server, not from the client.

sagarankoliya commented 6 years ago

Messages are sent by socket id instead of user_id. It's just for a demo, so that's why I have set the user id in meta.
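
Added example, not part of this thread or the repository's code: one way for the Node server to take the sender's identity from a token the server signed, instead of from a client-editable `user_id` meta tag. The token format, `SECRET`, and every function name here are assumptions made for the illustration; the Laravel side is sketched in JavaScript so the block runs on its own.

```javascript
const crypto = require('node:crypto');

// Assumption: a secret shared by the Laravel app and the Node server (constructed value).
const SECRET = 'constructed-demo-secret';

// Laravel side (sketched in JS): issue "userId.expiry.mac" for the logged-in user.
function issueToken(userId, ttlSeconds = 300, now = Date.now()) {
  const body = `${userId}.${Math.floor(now / 1000) + ttlSeconds}`;
  const mac = crypto.createHmac('sha256', SECRET).update(body).digest('hex');
  return `${body}.${mac}`;
}

// Node side: return the verified user id, or null if the token is forged or expired.
function verifyToken(token, now = Date.now()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [userId, expiry, mac] = parts;
  if (!/^\d+$/.test(userId) || !/^\d+$/.test(expiry)) return null;
  const expected = crypto.createHmac('sha256', SECRET)
    .update(`${userId}.${expiry}`).digest();
  const given = Buffer.from(mac, 'hex');
  if (given.length !== expected.length) return null;
  if (!crypto.timingSafeEqual(given, expected)) return null;
  if (Number(expiry) * 1000 < now) return null;
  return Number(userId);
}

// On connect: bind the identity to the socket once, on the server.
function onConnect(socket, token) {
  const userId = verifyToken(token);
  if (userId === null) return false; // reject the connection
  socket.userId = userId;
  return true;
}

// On message: the sender is socket.userId; a client-sent from_id is ignored.
function onPrivateMessage(socket, payload) {
  if (socket.userId === undefined) throw new Error('unauthenticated socket');
  return { from: socket.userId, to: Number(payload.to), text: String(payload.text) };
}
```

With Socket.IO, `onConnect` would run in the connection handshake and `onPrivateMessage` in the message event handler; the plain `socket` object above stands in for the real one.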