+ 4

Hacked my code 🙁

A fellow named "HRX" Has done some modifications in my recent code - chat application. I don't know how that felow hacked 😒. Help me to resolve the problem 🥺 https://sololearn.com/compiler-playground/WeDbqc7f626d/?ref=app

5th Nov 2024, 11:04 AM
Vidhya Tharan
Vidhya Tharan - avatar
8 ответов
+ 6
Vidhya Tharan if that person has modified your code without asking your permission or hasn't given you credit. You can message any mentor or write an email regarding this by attaching your code and his code at info@sololearn.com.
5th Nov 2024, 11:20 AM
Aysha
Aysha - avatar
+ 6
No one modified your code. You allow anyone to chat without any sort of registration. I can run your page many times and use a different name and put whatever messages I want. That is not someone hacking. You simply don't have any security in place. Normally chat tools like this require some authentication and also have filters for content to prevent posting offensive content or links and other measures to protect the chat. With none of that in place, your chat will get filled with garbage.
5th Nov 2024, 10:26 PM
Jerry Hobby
Jerry Hobby - avatar
+ 4
I have now fixed the problem by clearing the firebase storage 👍.
5th Nov 2024, 1:36 PM
Vidhya Tharan
Vidhya Tharan - avatar
+ 3
He probably have somehow gotten access to your firebase api key. I'm glad it's fixed now !
5th Nov 2024, 2:18 PM
Shourya Suthar
Shourya Suthar - avatar
+ 2
Alright
6th Nov 2024, 4:54 PM
Kazeem Idris:alright
Kazeem Idris:alright - avatar
+ 1
Maybe you can limit the length of the message and also set an internal limit on the number of messages stored. You can delete earlier messages if that limit is exceeded. You should also limit the number of uploads to discourage automated attacks. Don't leave your site open for people to throw garbage into.
6th Nov 2024, 8:12 AM
Bob_Li
Bob_Li - avatar
+ 1
Quelq'un parle t'il français ici??
6th Nov 2024, 10:59 AM
Ateba Tobie Fredy
Ateba Tobie Fredy - avatar
+ 1
You'll need some Firebase security rules for not letting everyone to do everything. Since there's no authentication, this is challenging. At least create a rule so no one can delete/edit messages (or docs) there.
6th Nov 2024, 11:39 AM
Shihan
Shihan - avatar