I am making a browser chat app, to learn crossbar/autobahn/wamp.
Original I know
So it’s working well. There is a server with a crossbar router running.
I have some python guests on the router to do things like storing the messages, and creating regular “ping” messages to help developement.
OK now to my issue. When a user inserts a message with script tags and an alert(), that pops up on each connected page!
Kinda cool, but obviously not good for serious use.
So the clients would publish to say ‘mysite.chat.pending’, and subscribe to ‘mysite.chat.ready’.
And, have the python guest subscribe to ‘mysite.chat.pending’, and for each message do some filtering, and then publish the safe version to ‘mysite.chat.ready’.
SO, My question is does this idea seem sane?
Would I ruin performance, but inserting this python code between the browsers publish and subscribe cycle?
thanks for any insight.