Skip to content
This repository has been archived by the owner on Dec 4, 2022. It is now read-only.

Releases: huynhsamha/dontpad

Update security bug

01 Feb 02:08
Compare
Choose a tag to compare

Fix bug XSS Attack

Update lib Froala Editor to prevent XSS attack. Thanks to An Pham for his contribution.

Add encryption between server and client in WebSocket

We add an encrypted communication between server and client by using symmetric cryptography, with a session key that is shared between client and server when the page is loaded. The session key is encrypted by using asymmetric cryptography (RSA) in the exchange phase. The whole communication is the same as the HTTPS establishment.