Is there a way to stop using custom JavaScript code on my page?

Question

Is there a way to stop using custom JavaScript code on my page?

I am thinking of creating an HTML5 game. I understand that probably no one will try to cheat, but I want to make sure (and I am interested to know if there are any good methods).

I understand the benefits of having open source software and would like my code to be read and simple. However, in a situation such as a game where the user account will be sent to the server, which will be saved, I see a problem in the fact that the user can open their devtools (F12 in most browsers) and change the script or values in variables to give themselves a higher score or a hundred lives. I don’t care if people do this, but I don’t want their ratings to be preserved.

Example: Candy Box 2 (candybox2.net) took me less than 20 seconds to get 100,000,000 candies.

Is there any way to stop this?

+6

javascript html5

user1877408 Mar 05 '14 at 20:21

source share

1 answer

Jeffrey hantin · Accepted Answer · 2014-03-05T20:27:24+0000

The most reliable way to stop this is to start all server-side server logic only by accepting commands from the browser. If the key variables are not in the browser (or the copy in the browser is a cached copy and is never accepted as authoritative), then client-side manipulation can do nothing but, perhaps, automate user interface actions.

If the client code must be protected against unauthorized access, you have already lost ; this way lies PunkBuster , Valve Anti-Cheat , and other mechanisms that usually require the user to allow you to constantly install the rootkit on your computer so that you can make sure that it is not cheating.

For some of the projects I’ve been working on lately, using ASP.Net as the back-end, I found SignalR to be a very effective Comet- type link layer for JavaScript and dynamic HTML, even using HTML 5 WebSocket support, if any.

Is there a way to stop using custom JavaScript code on my page?

More articles: