Skip to content
← Back to Community
A super simple chatroom that is fast and secure
Profile icon
Vandesm14

Hate the fact that you either don't have discord or don't have access to it? Well now you can enjoy the fun of human to human communication though LowChat, a high performance chat engine with a simplistic design. No need to worry about a company (or me) spying on you, just fork the repl to make it your own! LowChat features a logless chat engine, meaning all of your messages are never stored, only recieved by the other end and nothing else. If you would like to build a bot for LowChat, it's totally possible (rest api coming soon). It runs off of a single "message" event, allowing the ease of use by any bot maker!

This system is a bit wonky with a couple of extra security features which didn't work. I am in the process of polishing up the site to keep it working properly!

Cheers!
FAQ:
Admin commands? No, not yet.

Voters
Profile icon
SAMIRayglon
Profile icon
bebe825
Profile icon
JamesErvin
Profile icon
mesquite2234
Profile icon
AidanMarden
Profile icon
Kookiez
Profile icon
zplusfour
Profile icon
techgeek680
Profile icon
AparnaMane2
Profile icon
EmrePython
Comments
hotnewtop
Profile icon
MMarkosPro21

hey how do I get admin? I forked this

Profile icon
MMarkosPro21

@MMarkosPro21 oh so um its not done yet? oof

Profile icon
Vandesm14

@MMarkosPro21 Nah, it's not finished. But I've abandoned this, so there will be no updates anymore. At least not until a few months/years from now. If there is enough pressure to start it again, I might 😉

Profile icon
Vandesm14

@YeetsaJr It still works, I've just abandoned this. I'm probably not coming back to this as it is not really a practical application to put my time and effort into. You're welcome to fork the project as long as you @ or credit me.

Profile icon
Vandesm14

@YeetsaJr What would I update? I'm not having it store logs, that'd require quite a bit of storage. So like I said, I'm not really coming back to this as it's not practical and not really useful as there's things like Discord, Slack, WhatsApp, and all the other messaging apps.

Profile icon
Vandesm14

@YeetsaJr Well yeah. But that's like guessing a key of the same type, it's extremely difficult and takes tons of time and power. So it's theoretically impossible to guess the ADMIN password correctly.

Profile icon
pyelias

Your sanitize function doesn't work when given a string like <script 
>. You could fix this by just replacing all angle brackets with &lt; &gt; (I think, that might have problems too).

Profile icon
Vandesm14

@pyelias Noted

Profile icon
Vandesm14

@pyelias Wait, do you mean it doesn't sanitize on your side? It's not supposed to. It only sanitizes for the other members.

Profile icon
pyelias

@Vandesm14 No, I mean you can xss everyone in the chat by including a unicode line separator (u+2028) in an html tag. I've tested this on myself (in another tab) and other people.

Profile icon
Vandesm14

@pyelias Ah. I will get to that as soon as possible. Thanks for telling me!

Profile icon
pyelias

@Vandesm14 You also might want to stop sockets from initing multiple times, and from re-using names.

Profile icon
bitnetwork

You can do some XXS without it triggering the sanitize regex by not properly closing a tag like so: <img src='nonexistantfile.html' onerror='alert()'

Profile icon
Vandesm14

@bitnetwork That's been fixed in the new update!

Profile icon
CircuitSacul

Amazing. Maybe add a password feature, so you can create a room, and set a password, so only those with the password can access

Profile icon
Vandesm14

@LD1 That's planned in the next update!

Profile icon
Vandesm14

@LD1 Wait, do you mean it doesn't sanitize on your side? It's not supposed to. It only sanitizes for the other members.

Profile icon
CircuitSacul

@Vandesm14 Did you mean to send that comment to pyelias?

Profile icon
Vandesm14

@LD1 Uhh...Yes. Lol. My mistake!

Profile icon
sidneydannijs

How do you create rooms?

Profile icon
Vandesm14

@sidneydannijs You can use /join <room name> to join or create a room!

Profile icon
bastalin

A great development for those who begin to practice coding for messengers. But there is no future for such development because today's Internet will not exist without messengers that ""spy."" Think about the future of your product.

Text messaging platforms for business hold on to what monitors data. This is what online business is based on today. You're just fooling yourself when you create an entirely closed chat engine. Because messages are going through the Internet anyway, the data can be intercepted more radically.

Profile icon
ShaneAtReplit

@bastalin Yeah, this was just a proof of concept. I'm aware that this isn't going anywhere, that wasn't the point of this project anyway...

Profile icon
TheOwnQuizCom

@Vandesm14 PLEASE ADD A TAB THAT SAYS ENTER YOUR NAME PLEASE 😭😭😭😭

Profile icon
PATRICKCALLAHA2

how do i get the op stuff?

Profile icon
Vandesm14

@PATRICKCALLAHA2 If you're on my fork and you've created your own room, just do /op [username] to op someone. If you're on your own fork, you can create a .env file and put an admin password like so ADMIN=1234, which you can use to op yourself: /key 1234. From there, you can op people.

Profile icon
BryceBrower

Also there’s a bug where if you mute someone you just have to reload and it will unmute.

Profile icon
Vandesm14

@BryceBrower Yeah, that's the issue with the system I used: It's account-less, so banning and whatnot will not persist.

Profile icon
BryceBrower

New update idea: code a discord bot that connects to this so everyone can chat together.

Profile icon
Vandesm14

@BryceBrower I'm not planning on continuing this anytime soon but you're free to fork this and give it a go yourself! Or even create your own based on mine.

Profile icon
BryceBrower

How do you op people

Profile icon
Vandesm14

@BryceBrower If you're on my fork and you've created your own room, just do /op [username] to op someone. If you're on your own fork, you can create a .env file and put an admin password like so ADMIN=1234, which you can use to op yourself: /key 1234. From there, you can op people.

Profile icon
BryceBrower

@Vandesm14 Thank you!

Profile icon
kirjorjos

looking into this more, I'm getting confused as to whether or not more than 1 room is supposed to be able to exist, and if so, how I define them. I found what you said about "/" in the url, but when I make it "/test" instead of "/main", it works, but when I do "/rooms", it only lists "test", not "main" anymore.

Profile icon
Vandesm14

@kirjorjos I'd love to help, but even I have no idea how this works internally.

  1. It's been quite a while since I've worked on this
  2. The code was hacked together and didn't really work to begin with

Sorry about that.

Profile icon
kirjorjos

@Vandesm14 It's ok, I've managed to get the discord bot I was talking about earlier working bi-directional for a single channel with the "main" room. That at least allows for me to bypass the block on it; thank you for providing this irc as a frame at all.

Profile icon
Vandesm14

@kirjorjos No problem! I'm glad you were able to get it to work!

Profile icon
kirjorjos

Would I be able to make a discord bot that connects to a forked copy of lowchat?

Profile icon
Vandesm14

@kirjorjos I couldn't tell you how to do it, but it's possible. You'd need to use SocketIO as the API platform.

Profile icon
kirjorjos

@Vandesm14 ok, I was trying for a while to just find where it sends the message out and where it receives the message and add a discord channel send and encase it in a on message respectively. I've been looking to make an irc client to discord bot for a while, but it's been a bit hard for me as I'm not very familiar with html. I'll do a bit of googling on socket io then, thank you.

Profile icon
Azazeth

um how do i make it so that the server will save chatlogs?

Profile icon
Vandesm14

@Azazeth You'd need to use something like ReplDB, MongoDB, or nedb. Then, you'd need to send and receive the stored messages on the client.

Profile icon
CircuitSacul

Just so you know I still use this occasionally :)

I was wondering what you do to escape things like

Profile icon
Vandesm14

@LD1 I use RegEx to find all "<" and ">" and replace them with "<" and ">" respectively. Here's the code for the function:

message.replace(/</g, '&lt;').replace(/>/g, '&gt;');

This code is run on the server, not the client (script.js)

If you have Discord, I can give you a detailed explanation of the functions and configuration of LowChat in detail: Vandesm14#3364

Profile icon
CircuitSacul

Love the new update. I do think that it should ask you what you want your username to be, instead of you having to set a new one each time. I noticed that your using cookies, but it doesn't save your name/nickname for the next time or when you reload. It would be nice if it checked to see if you had a name saved in cookies before giving you a new random name

Profile icon
Vandesm14

@LD1 It should be caching your username and the chatlogs. If it's not, make sure you have localStorage enabled.

Profile icon
CircuitSacul

@Vandesm14 Oh yeah. All my cookies get removed on reload. Lol sorry

Profile icon
Vandesm14

Hello all! I am letting you guys know that I've updated the servers to Lowchat V2! V2 is much more secure and has way more commands than V1. I will ask that you place any feedback for Lowchat V2 here

Profile icon
Desireless

Amazing, I liked the simplistic design!

Profile icon
Vandesm14

@Desireless Thanks! It's supposed to be a bit nostalgic from the days of IRC.

Profile icon
[deleted]

Great Project, looking forward to see this Develop!

Profile icon
Vandesm14

@JacksonCowie Thanks. I'm working on fixing all of the issues and releasing a new update!

Profile icon
CircuitSacul

I noticed that if you type enough messages so it fills up the screen, instead of making the page longer, the messages just get closer together as you type.

AF05D0C4-A9C3-4D33-A6B8-D408CAB85E6C

Profile icon
CircuitSacul

I would appreciate it if the message bar stuck to the bottom of the page, and if you click on it, and your not at the bottom of the messages, then it sends you to the bottom.

Profile icon
Vandesm14

@LD1 Fixing the chatlog is on the list. I'm not sure why it keeps breaking, but I will add auto-scroll as well!

Profile icon
[deleted]

Wow! This is great! I have one suggestion. Maybe on the homepage, you can provide urls to the most visited chatrooms. For example:

Most Popular Chatrooms: 1. /chatroom/ 2. /coolthings/ 3. /lowchatters/

Besides that, I think this has a lot of potential!

Profile icon
Vandesm14

@ryaalbr Interesting idea. I'm thinking of making a link to the /root chatroom (which I use a bit). But a public listing of the active chatrooms might be a bit too much of a security problem as some people would want their rooms private. In the next update, this will most likely happen though as I am reworking the code to support admin commands and username registration.

Profile icon
CircuitSacul

@Vandesm14 You could show the most visited rooms, and the people who created the room can choose to have a password or not. That way, even if someone has a link to it, they still need a password if the room owner wants it that way.

Profile icon
Vandesm14

@LD1 Good point. As password-protected rooms are coming soon, I will make sure to include this in the next update!

Profile icon
ash15khng

Nice! I have a suggestion, could you add a way to join a room which is not by adding to a URL? (you can maybe add a text box?)

Profile icon
Vandesm14

@ash15khng If you go to the homepage "/" there is an input box (autofocused) for you to input a room name. Should I make it more clear that there is an input box?

Profile icon
ash15khng

@Vandesm14 Wow I didn't notice that sorry.

Profile icon
XavierDD

Nice idea. Though it could be logged with a bot/program that is running in the server though, right?

Profile icon
Vandesm14

@XavierDD Yes. You could have a bot track the messages in a room and store them to a log. But this is really difficult to detect and prevent so there isn't any current implementation of a protection against this.