It does have a flood filter, your thing just spams so it gets in the post every chance. I can only make the flood count longer. That's the problem with javascript, kinda hard to prevent people from screwing around and editing it in-place.
I'm not 100% sure how WebSockets work, but I assume it's going through your server and then sent to everyone else? Could you not do a rate limit of 5 per 30 seconds, or require at least one comment in between yours? Not sure what the best approach would be best.
> That's the problem with javascript, kinda hard to prevent people from screwing around and editing it in-place.
Not if you use a module pattern with private methods.
But the real problem you should be addressing, and one which applies to any internet app, is people directly sending data to the server. Whether it's initiated by JS or flash or anything is not relevant - sure it's sometimes easier to hack about with JS apps, but if you fix people being about to open telnet and spoof the raw data, then you fix all those holes at the server, and that leaves you free to entirely change the way your code works in the future, instead of having to re-code misguided security fixes.
Just kick of the flooders. Btw you could try node.js, then run the same game code on the server too, so there will be no cheating in the game when finished.
Should be fairly straightforward. Simply 'save' the last time this user has posted a message. Then the next time they attempt to post a message check if the alloted time has passed and process accordingly.
I see you are using dict, so just add a record with that info and you should be set.
I do do that. "LastMessage" var of the tuple in the dict. It's not enough if they make multiple windows all spamming in a loop. Some of the messages get through
Gotta fix the flooding issues, there's still something that can make it crash too.