Fixed CORS issue and added chat spam safeguard

src/index.js

@@ -16,6 +16,13 @@ var ns = {
     tanks: io.of("/tanks")
 };
 
+// Allow CORS from ARNweb.nl
+app.use(function (req, res, next) {
+    res.header("Access-Control-Allow-Origin", "https://arnweb.nl");
+    res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
+    next();
+});
+
 // Request documentation
 app.get("/", (req, res) =>
     res.status(200).sendFile(path.resolve(__dirname + "/../html/index.html"))

src/services/chat.js

@@ -38,20 +38,22 @@ function handle(io, socket) {
 
     // Handle messages
     socket.on("message_send", function (message) {
-    // Build message data for clients
-        message = striptags(message, "<br />");
-        if (message !== "") {
-            message = md.render(message);
-            message = message.replace(/\r?\n/g, "<br />");
-            var msg = {
-                "username": socket.username,
-                "mailHash": socket.mailHash,
-                "message": message
-            };
-            // Send message to clients
-            io.emit("message_receive", msg);
-        } else {
-            socket.emit("message_receive", serverMsg("Empty messages will not be sent."));
+        if (socket.username) {
+            // Build message data for clients
+            message = striptags(message, "<br />");
+            if (message !== "") {
+                message = md.render(message);
+                message = message.replace(/\r?\n/g, "<br />");
+                var msg = {
+                    "username": socket.username,
+                    "mailHash": socket.mailHash,
+                    "message": message
+                };
+                // Send message to clients
+                io.emit("message_receive", msg);
+            } else {
+                socket.emit("message_receive", serverMsg("Empty messages will not be sent."));
+            }
         }
     });
 }