Keep server timestamps for all copies

Note: This allows a replay attack where a malicious user can cause a
message to appear to be sent later than it was by re-sending it.
I'm not going to worry about any of these types of issues until the
crypto is in place, which will guard against most of them.

diff --git a/webclient/rc.html b/webclient/rc.html
index 8094f41669c8e1402c79fcd4aa21356d01ab7461..7517d14d38cfac45e2f5e4b7f66177d5dc8c20e8 100644 (file)
--- a/webclient/rc.html
+++ b/webclient/rc.html
@@ -86,6 +86,7 @@
        //   Time: The server timestamp of the first copy to arrive 
        //   ID: Some unique string for deduping
        //   Text: The text of the message
+       //   ServerTimes: server -> timestamp
        //   UI: The DOM node for this message in the UI
 
        function rcnick() {
@@ -149,7 +150,10 @@
                        var m = messages[i];
                        m.Time = new Date(m.Time);
                        var seen_key = make_seen_key(m.ID, m.Text);
-                       if (!(seen_key in seen)) {
+                       if (seen_key in seen) {
+                               seen[seen_key].ServerTimes[server] = m.Time;
+                       } else {
+                               m.ServerTimes = {server: m.Time};
                                seen[seen_key] = m;
                                rcaddmessagetohistory(m);
                                for (var i in servers) {