One of the use cases that I can imagine with server sent events would be pushing a scan command to our security agent running in all our clients. So scheduled scan events can be triggered by server anytime and responses can be sent back. On the flip side it can also act as a C2 for some malware. Conditionally triggering different functions on the client side. What do you think? Or is there a better way to achieve these tasks?
With SSE you won't be able to get the responses back since the communication is unidirectional, only server to client. Otherwise yes, something like that is possible.
What an explanation thanks buddy.
Fantastic tutorial
Thanks, glad you liked it!
What IDE are you using?
I am using Zed now.
One of the use cases that I can imagine with server sent events would be pushing a scan command to our security agent running in all our clients. So scheduled scan events can be triggered by server anytime and responses can be sent back.
On the flip side it can also act as a C2 for some malware. Conditionally triggering different functions on the client side.
What do you think? Or is there a better way to achieve these tasks?
With SSE you won't be able to get the responses back since the communication is unidirectional, only server to client. Otherwise yes, something like that is possible.
Thank you!
any value of *http.Request int he handler in SSE case?
Great question. Not in my example maybe, but it's a normal HTTP request, so you can read headers from there for example, such as Authorization etc.