简体繁体中英

How to encrypt user activity information in the browser so it can't be spoofed?

原文 2011-10-24 07:02:22 6 2 javascript/ ajax/ dom-events

My users are performing some actions on my website like clicking buttons. I need to award prizes if a certain sequence of buttons has been clicked. For every action I store the action information.

When they are done the activity information is sent to the server. How can I ensure they didn't just send me that information manually, but actually performed all required actions on the page, eg didn't spoof it?

2 answers

Since the browser needs to understand the code, any determined human can do it too.

However you can compress your code using for instance Google Closure compiler. That will discourage most cheaters.

But if you really do want to keep things secret, only the server can guarantee you that.

In addition to Mic's answer (+1, very correct) note that no matter how well you protect the JavaScript, someone can use a UI automation testing tool (eg Selenium ) to script the clicking of buttons without any need to defeat your JavaScript.

Clicks are sent to the browser in a programmable manner and the browser has no idea they didn't come directly from user interaction.

how to encrypt string data so that it can only be decoded by the computer it resides on?

How can I encrypt JavaScript code so that it's not decryptable?

How to disable button so user can't enable it again

how reliabile is document.referrer, can it be spoofed/ faked?

How to make a browser display a "save as dialog" so the user can save the content of a string to a file on his system?

How can I make it so that the same user cannot like a photo twice despite refreshing browser?

Can http_origin be spoofed?

Can a message acknowledgement be spoofed in SocketIO?

How can i get device information and browser information in javascript?

Can't get to recover the user information

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question how to encrypt string data so that it can only be decoded by the computer it resides on? How can I encrypt JavaScript code so that it's not decryptable? How to disable button so user can't enable it again how reliabile is document.referrer, can it be spoofed/ faked? How to make a browser display a "save as dialog" so the user can save the content of a string to a file on his system? How can I make it so that the same user cannot like a photo twice despite refreshing browser? Can http_origin be spoofed? Can a message acknowledgement be spoofed in SocketIO? How can i get device information and browser information in javascript? Can't get to recover the user information

Related Tags

How to encrypt user activity information in the browser so it can't be spoofed?

Question

2 answers

solution1
5 ACCPTED 2011-10-24 07:06:38

solution2
5 2011-10-24 07:10:16

How to encrypt user activity information in the browser so it can't be spoofed?

Question

2 answers

solution1 5 ACCPTED 2011-10-24 07:06:38

solution2 5 2011-10-24 07:10:16

solution1
5 ACCPTED 2011-10-24 07:06:38

solution2
5 2011-10-24 07:10:16