You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Dondi and I were discussing this issue and are concerned that anyone with ill intent may use a poster, like the Firefox poster, as a means of messing with the K'tah gamestate. This gives cheaters the capacity to return their player to full health, give themselves massive scores, or manipulate anything that functions from our Ajax calls.
One solution providing a sufficient amount of security would be to use an MD5 hash-key sent to, then expected from, a client with each get-post cycle; the key would be different each time, and would thwart almost all attempts to mess with the game.
Perhaps David could comment more on this with his experience in the MVC world, but a simple implementation may not be out of the question, nor would there be a whole lot of resultant overhead.
The text was updated successfully, but these errors were encountered:
Dondi and I were discussing this issue and are concerned that anyone with ill intent may use a poster, like the Firefox poster, as a means of messing with the K'tah gamestate. This gives cheaters the capacity to return their player to full health, give themselves massive scores, or manipulate anything that functions from our Ajax calls.
One solution providing a sufficient amount of security would be to use an MD5 hash-key sent to, then expected from, a client with each get-post cycle; the key would be different each time, and would thwart almost all attempts to mess with the game.
Perhaps David could comment more on this with his experience in the MVC world, but a simple implementation may not be out of the question, nor would there be a whole lot of resultant overhead.
The text was updated successfully, but these errors were encountered: