I'm finding lately how unsecure Javascript is when programming a game (I'm trying to do a turn based RPG and currently the battle calculations are done through Javascript which any player can cheat with of course giving themselves as much XP as they want), so I'm wondering if I were to move my battle screen to flash if this would be any more secure, or is there just as easy of a way to cheat this?
相关问题
- Is there a limit to how many levels you can nest i
- How to toggle on Order in ReactJS
- void before promise syntax
- Keeping track of variable instances
- Can php detect if javascript is on or not?
Come on. It's the same question really. Answer remains the same too:
No matter what the game, whether
JSFlash or native binary, if the scoring system is vulnerable, people will tamper if the game is good enough. Stick to clever serverside every time.This is not a problem that can be solved by obfuscation at the client end. There's plenty of prior art concerning keeping high-score tables/game data secure. Sharpen your google-fu and have a look.
Although the title of this post would suggest it's not applicable, I'd consider the difference between a browser/non-browser game to be irrelevant in this regard. As such, take a look:
Secure Online Highscore Lists for Non-Web Games
This is very slightly safer as flash source is harder to read then js source. However neither is particularly safe.
As I said in a previous answer, a secure system can not trust client score input. It doesn't matter whether the intended program is Flash or JavaScript. Once you send the program to the client they have any required key. So you can't rely on the client giving you accurate scores. The only reliable way to do it is to move score calculation to the server. Then, for a bot to play it still would have to calculate every movement manually.