i don't believe that's a problem there aren't any known vulnerabilities to this, server-side socket.io is using ID to identify websocket connections just to "know" where to emit events and from where an event was emitted.
Is passing socket.id from server to client possible security issue?
سؤال
I'm using node.js with socket.io. Every socket connected to server has its own socket.id
. I'm wondering if it is possible security issue if I pass socket.id
from server to clients?
المحلول
لا تنتمي إلى StackOverflow