Thanks for the info. I’ve written the widget in React, and then I run a webpack build to bundle it up. I add a script tag to link to that bundle. Do you see any issues with this setup?
Currently i’m using socket.io to communicate between the widget and my meteor app. It seems to work as expected, but am not sure if this is an ideal solution.
What i’ve currently done to identify requests, is check the hostname of where the widget is installed (eg.
localhost) and pass that up with emitted messages. I have a field on the
Meteor.user() document which contains their website. The obvious issue is that a user could sign up and enter a URL they dont own (like
example.com) and they would be able to see messages that were emitted from that site if the widget is installed there. What is a better way to handle this scenario?