Firefox暂存器和安全性
[英]Firefox scratchpad and security
问题描述
I'm developing an HTML5 game using javascript and canvas, and I wonder how to protect it from the firefox scratchpad or any other script injection tools like it. 
我正在使用javascript和canvas开发HTML5游戏,我想知道如何保护它免受firefox暂存器或类似它的任何其他脚本注入工具的攻击。
If any user can run its own code in mine, I really don't see how to prevent him from calling the onWin() method or modify its score to 1 billion and so on. 如果任何用户都可以在自己的代码中运行自己的代码,我真的看不到如何阻止他调用onWin()方法或将其得分修改为10亿等等。
That's such a huge security breach that I'm now thinking about re-code it in flash or java. 那是一个巨大的安全漏洞,我现在正在考虑在Flash或Java中对其进行重新编码。
What do you think ? 你怎么看 ?
Regards. 问候。
1 个解决方案
解决方案1
0 2014-01-22 12:00:44
Here is what you need to do: 这是您需要做的:
- At server side you need to check only authorized user is able to update any data in server. 在服务器端,您需要检查仅授权用户能够更新服务器中的任何数据。
- So if any update request is coming to server from client before updating you need to make sure the client is authorized to do so. 因此,如果在更新之前客户端有任何更新请求来自服务器,则需要确保客户端被授权这样做。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.