Please see the server side code below. Assuming data.id is abc77 at some point, each connected browser will receive a socket message "my_model / abc77: update" or only those that subscribe to this particular message, regardless of whether the socket.io event is raised or not ?
To clarify, using a practical application: can a hacker get the message "my_model / abc77: update" using the browserโs developer console, even if his copy of my application does not have a subscription to it, not knowing that the .id data is abc77?
var io = require('socket.io'); io.listen ( server ).sockets.on ( 'connection', function ( socket ) { socket.on('my_model:update', function(data, callback) { database.save(data, function(err){ if (!err) { callback(data); socket.broadcast.emit('my_model/'+data.id+':update'); } }); }); });
source share