which protocol or library should i use for chat-application?

agolangf · · 515 次点击    
这是一个分享于 的资源,其中的信息可能已经有所发展或是发生改变。
<p>i want to use golang as backend.need to build simple,secure chat-app like whatsapp.</p> <p>which library or protocol should i use? i tried to use xmpp but it&#39;s not very tested for golang.</p> <hr/>**评论:**<br/><br/>rgzr: <pre><p>Depending on how ambitious you are, you could try to implement the <a href="https://matrix.org" rel="nofollow">Matrix protocol</a>.</p> <p>Like others here suggested it&#39;s REST/JSON but lays out how a secure, modern chat client/server should work.</p> <p>I don&#39;t know if there is any work done in Go that goes into the direction but you can look at their <a href="https://github.com/matrix-org/synapse" rel="nofollow">reference implementation</a> (in Python).</p></pre>Yellow_Bricks: <pre><p>Certainly very interesting, but also very ambitious. The matrix team is also currently working on a go rewrite so you might want to just jump on there.</p></pre>ZetaHunter: <pre><p>You could look at <a href="https://github.com/mattermost/mattermost-server" rel="nofollow">https://github.com/mattermost/mattermost-server</a> for inspiration.</p></pre>ericzhill: <pre><p>RESTful websockets or gRPC would be a good starting point.</p></pre>Thaxll: <pre><p>A bit nitpicking but I&#39;m not sure RESTful websocket is a thing, REST is stateless, more appropriate would be JSON over websocket.</p></pre>skyacer: <pre><p>They say websockets arent safe as xmpp?</p></pre>ericzhill: <pre><p>How do you you define &#34;safe&#34;?</p></pre>skyacer: <pre><p>&#34;in October 2010, Google’s security analyst Adam Barth accompanied by Carnegie-Mellon scientists in their work “Transparent Proxies: Threat or Menace” demonstrating how to intercept the WebSockets feeds of the users working through transparent proxies and substitute the information they receive. This gives a wide field for scamming, which is why Firefox and Opera refused to support the protocol until the more secure version is released. In addition, some popular anti-virus programs, such as Avast, consider this protocol harmful and block its usage completely.&#34;</p></pre>qu33ksilver: <pre><p>websockets already have &#34;wss://&#34; which just initiates an https connection and then moves on to work with just the tcp layer.</p> <p>Is this still insecure ?</p></pre>captncraig: <pre><p>Yeah, this article must be pre-wss. Although even the <a href="https://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-75" rel="nofollow">2010 rfcs</a> I found have wss in them.</p></pre>ericzhill: <pre><p>If you don&#39;t like websockets, then go with gRPC over SSL.</p></pre>

入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889

515 次点击  
加入收藏 微博
暂无回复
添加一条新回复 (您需要 登录 后才能回复 没有账号 ?)
  • 请尽量让自己的回复能够对别人有帮助
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`
  • 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
  • 图片支持拖拽、截图粘贴等方式上传