Security issues #5

Open
AndyLnd opened this issue Jun 19, 2014 · 2 comments

AndyLnd commented Jun 19, 2014

I am not sure whether this is a bug or a feature. When you start the server, you can easily access your console from any computer in the network. You simply have to change the host value in Yez.js on the client.
You could probably avoid this by using a white/blacklist on the server to limit the access, or you could employ password-based authentication.

Cheers!

@krasimir
Owner

That's a very good point. Here is how I'm planning to solve the problem:

  1. The Node.js module yez will accept a string. Like for example yez mypassword. The string will be the password for access.
  2. If there is a password then the client (i.e. the dev tools extension) will ask for credentials.

Following this approach we will protect the Node.js executable and at the same time will provide backward compatibility. What do you think?

Author

AndyLnd commented Jun 20, 2014

That would work and keep the option to connect to your machine remotely. You would have to add the possibility to change the target IP on the client more conveniently, of course.
There is one problem in this scenario, though: the password will be transmitted unsecured in your current setup. So maybe it would make sense to combine the two approaches, or to consider using an SSL connection.
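
One way to combine the two approaches discussed in this thread (a host allowlist plus a password that is never sent over the wire), as an added example that is not Yez's code. The function names, the allowlist entries and the HMAC challenge-response scheme are assumptions made for illustration.

```javascript
// Added example, not part of Yez. All names below are hypothetical.
const crypto = require('crypto');

// Constructed sample allowlist: localhost plus one trusted workstation.
const ALLOWED_HOSTS = new Set(['127.0.0.1', '::1', '192.168.1.20']);

// Node reports IPv4 peers on dual-stack sockets as ::ffff:a.b.c.d.
function normalizeAddress(addr) {
  return addr.startsWith('::ffff:') ? addr.slice(7) : addr;
}

function isAllowed(remoteAddress) {
  return ALLOWED_HOSTS.has(normalizeAddress(remoteAddress));
}

// Server side: a fresh random challenge for every new connection.
function newChallenge() {
  return crypto.randomBytes(32).toString('hex');
}

// Client side: prove knowledge of the password without transmitting it.
function proof(password, challenge) {
  return crypto.createHmac('sha256', password).update(challenge).digest('hex');
}

// Server side: recompute the proof and compare in constant time.
function verifyProof(password, challenge, clientProof) {
  const expected = Buffer.from(proof(password, challenge), 'hex');
  const got = Buffer.from(String(clientProof), 'hex');
  return got.length === expected.length && crypto.timingSafeEqual(got, expected);
}

// Connection gate: allowlist first, then the password check if one is set.
function authorize(remoteAddress, password, challenge, clientProof) {
  if (!isAllowed(remoteAddress)) return 'rejected: host not allowed';
  // No password configured: keep the old behaviour (backward compatibility).
  if (!password) return 'accepted: no password configured';
  if (!verifyProof(password, challenge, clientProof)) return 'rejected: bad credentials';
  return 'accepted';
}
```

This keeps the password itself off the network, but the commands sent after authentication are still unencrypted and unauthenticated, so it complements an SSL/TLS connection and does not replace it.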
