Menu
Imagine you have a simple JavaScript function like this:
function something() {
console.log("You called that function");
}
You can ofcourse include the Script file into your HTML file and call the function. The problem is that JavaScript is clientside and so everybody can call this function using the google chrome adress input or the firefox console for example.
How can i prevent that? If you implement a game or something where user can be in a scorerlist or something it is easy to manipulate this scorerlist for example.
639
How can I prevent that?
You can't.
Everything you do client side must be considered unsafe. Never assume something is checked or valid because it passed some client side checks. You should always use server side validation for every check you do client side. Always!
If you implement a game or something where user can be in a scorerlist or something it is easy to manipulate this scorerlist for example.
Yes, on that client. So why do you care? The scores should be calculated server side, so changing the UI client side doesn't help anything.
Let Jon Skeet get scared!
128
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
