What I normally do is restrict communication to solely A-Z, a-z and 0-9. And store everything locally on each person's computer with a really simple encryption method so you don't actually see the chat. This protects you from liability as well as any exploits due to not sanitizing the data.
Literally just a "GET getChatMessage(AUTH, USER)" and a "POST sendChatMessage(AUTH, USER)". And inside getChatMessage, delete all messages that are sent.
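A minimal sketch of the allowlist check and the fetch-then-delete endpoints described in the comment above, written here as an added example rather than the commenter's own code; the in-memory store, the user-to-token map and the 500-character length limit are assumptions:

```python
import hmac
import re
from collections import defaultdict

# Allowlist from the comment: a message may contain only A-Z, a-z and 0-9.
ALLOWED = re.compile(r"[A-Za-z0-9]+")
MAX_LEN = 500  # assumed upper bound, not taken from the comment


def is_clean(message: str) -> bool:
    """True only if the message is non-empty, within length and purely alphanumeric."""
    return len(message) <= MAX_LEN and ALLOWED.fullmatch(message) is not None


class ChatStore:
    """Hypothetical in-memory store: one queue per recipient, drained on read."""

    def __init__(self, tokens):
        self._tokens = dict(tokens)          # user -> auth token (constructed sample data)
        self._queues = defaultdict(list)     # recipient -> [(sender, message), ...]

    def _check_auth(self, auth, user):
        # Constant-time comparison so a wrong token is not distinguishable by timing.
        expected = self._tokens.get(user)
        return expected is not None and hmac.compare_digest(expected, auth)

    def send_chat_message(self, auth, user, recipient, message):
        """POST sendChatMessage: reject anything outside the allowlist before storing it."""
        if not self._check_auth(auth, user):
            return "unauthorized"
        if not is_clean(message):
            return "rejected"
        self._queues[recipient].append((user, message))
        return "ok"

    def get_chat_message(self, auth, user):
        """GET getChatMessage: hand back pending messages and delete them server-side."""
        if not self._check_auth(auth, user):
            return None
        # pop() removes the whole queue, so a second read returns nothing.
        return self._queues.pop(user, [])
```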
I am not sure we will go down that path, but I am really glad you provided that comment. It expanded my view of what is possible. I guess the experience your users expect allows you to use that method? If you have more interesting details on how it works, I would love to hear them!