tags:

views:

286

answers:

3
+2  Q: 

Does HTML 5 Gaming use Canvas and Javascript? How to prevent cheating in this case?

Does HTML 5 Gaming use Canvas and Javascript? How to prevent cheating in this case?

For instance, what if a user uses GreaseMonkey or some tool to alter the script so that it just reports a perfect game score to the server every time?

+6  A: 

Instead of sending scores from user, send actions to server side everytime and calculate scores at server side

S.Mark  2010-04-26 04:06:17
what if it is a game of invader or Restaurant City... we can't send each tiny action to the servers, and even if we do, we can send all "perfect" actions.
J Lynch  2010-04-26 04:13:15
@J Lynch: Why can't you? What kind of game is it? If it's something like Invaders, sure, someone could recreate a "perfect scenario" but that would take a lot of work on their part, and most cheaters won't want to spend the time. :)
musicfreak  2010-04-26 04:15:34
@J Lynch, regarding tiny actions, you could combine and queue some actions and send at certain interval to check those.
S.Mark  2010-04-26 04:25:17
A: 

Obfuscation. Its google, and your, number one tool against prying javascript eyes. Google Javascript Obfuscation and you'll come across a million tools.

http://www.javascriptobfuscator.com/Default.aspx for one.

Dested  2010-04-26 04:41:12
+7  A: 

I'll answer your question with a question of my own: Why don't we see rampant cheating in World of Warcraft? Or any other MMORPG for that matter?

The answer is because the game manufacturer keeps all game state serverside.

  • If I'm the client and I'm in charge of reporting damage done to the enemy, or my location, yeah of course I can cheat and tell the server I did 1 million damage.

  • On the other hand if the server keeps track of state and I only inform the server of changes to state, all I can do is tell the server "I moved left" or "I fired my gun" <-- anti-cheating is built into the architecture of the game

Of course, you did bring up the point of "perfect actions" - the case would be an action game, a shooter, etc. where objects could be identified and the "perfect action" send. And to that I'd say: this sort of cheating already exists, really. And it's existed for many years. So I don't see how anything changes just because these are javascript games.

ambertch  2010-04-26 05:18:01

related questions

What JavaScript patterns do you use most?
Javascript events
What style do you use for creating an "class" in JavaScript?
Graphing JavaScript Library
What's the difference in closure style
Getting the text from a drop-down box
How to specify javascript to run when ModalPopupExtender is shown
Length of Javascript Associative Array
How Do I Post and then redirect to an external URL from ASP.Net?
How to set up a CSS switcher in ASP.NET
Wrapping lists into columns
Javascript keyboard events primer? (or rather: help me with my custom dropdown)
Http Auth in a Firefox 3 bookmarklet
Best Debugging Tools for JavaScript/xulrunner Development
How can I turn a string of HTML into a DOM object in a Firefox extension?
Call ASP.NET Function From Javascript?
Javascript troubleshooting tools in IE
MAC addresses in JavaScript
Capturing TAB key in text box
CSS Background Color in Javascript
How can I make the browser see CSS and Javascript changes?
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP .Net Custom Client-Side Validation
What JavaScript library would you choose for a new project and why?
Detecting font in JavaScript