Possible Duplicates:
Ajax Highscores security
Is Flash/Actionscript any safer than Javascript for persistent online game?
I have a google appengine high score board for a chrome extension game written in javascript. I'm currently submitting high scores with an xmlhttprequest, so anyone can write a little bit of javascript and manually submit any score they want. Is there any way to secure this interaction so people can't submit whatever they want? From what I've read so far, there isn't much that can be done on the client side, but maybe on the appengine side?