Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The module is based on the application framework and it uses mysql as a database handler.
You will need to include this in your server.js
like use('comet.js')
// REQUIRE comet module
comet = new Comet({
app : app,
database : 'my_projects_database',
id : function(request, response){ return request.cookies.sid; },
sender : function(request, mysql, callback){
mysql.users.getBy('id', request.cookies.id, function(users){
callback(new User(users[0]));
});
}
});
// COLLECT Listeners
var everyone = [];
comet.listener('home', function(request, package, mysql, options, end){
end(everyone, options, false);
});
// JOIN event
var join = comet.actions('join');
join.onEmit = baseEmit
join.onSubmit = function(mysql, request, response, package, private, listener, end){
everyone.push(request.cookies.id);
end();
}
// LEAVE event
var leave = comet.actions('leave');
leave.onEmit = baseEmit;
leave.onSubmit = function(mysql, request, response, package, private, listener, end){
everyone.remove(request.cookies.id);
end();
}
You will have to include the auto generated /scripts/comet.js
<script src="/scripts/comet.js" type="text/javascript"></script>
<script>
window.onload = function(){
// PUSH join
comet.push({ type: 'join', listeners: ['home'] });
// PUSH messages
comet.push({ type: 'message', listeners: ['home'], message: 'Hello World!' });
comet.push({ type: 'message', listeners: ['home'], message: 'This is comet.js!' });
}
// PUSH leave
window.onunload = function(){
comet.push({ type: 'leave', listeners: ['home'] });
}
// LISTEN on join, leave and message events
comet.ping.join = function(package){ console.log('joined', package); }
comet.ping.leave = function(package){ console.log('leaved', package); }
comet.ping.message = function(package){ console.log(package.sender, ' -> ', package.message); }
</script>
object
required
Application()
Objectstring
required
function
required
request.cookies.id
function
required
function
optional
When you use the comet module on server side, a path for the client side js file will be generated in your public/scripts/comet.client
what you can include in your html file like this:
<script src="/scripts/comet.js" type="text/javascript"></script>
After you included the comet.js
file you will have access to the global comet
object.
comet.controller(); // start the controller
setTimeout(comet.worker, 1000); // starts the worker 1 second later for safety
After you initialized you don't have to worry about anything except sending and receiving information in real-time with push
function and ping
object.
This function broadcasts a message with the specified package
:
string
required
string, integer or array
required
optional
anything
An example push request:
comet.push({
type: 'join',
listeners: ['family'],
my_custom_message: 'Hi family members!'
})
This is where you can assign listeners to the actions, for example you can listen to the join event above with:
comet.ping.join = function(package){
console.log(package)
// output => { type: 'join', listeners: ['family'], my_custom_message: 'Hi family members!' }
}
app.public+/scripts/comet.client
submit_before_emit
package._stamp
)request.comet_id
by COMET.id()
Controller/workers
mechanismjoin
, leave
, create
, update
, delete
types and register the channel
listener.FAQs
The best COMET module for node.js
The npm package diet-comet receives a total of 0 weekly downloads. As such, diet-comet popularity was classified as not popular.
We found that diet-comet demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.