Menu
I'm thinking of starting to learn node.js and socket.io, but I have one question first. Is socket.io safe to use in the first place? One example from socket.io site:
<script src="/socket.io/socket.io.js"></script>
<script>
var socket = io.connect('http://localhost');
socket.on('news', function (data) {
console.log(data);
socket.emit('my other event', { my: 'data' });
});
</script>
Looking at the code, it seems that using standard tools like firebug, you could easily change data which is sent to the server, that would become a problem if I wanted to create, say a multiplayer game, as I'd be passing data which shouldn't be modified, like for instance: item indexes, monster indexes, etc.
Sorry if I sound dumb, since I haven't yet started learning socket.io.
237
As @SLaks said-it is impossible to verify that client is not modifying their data. Therefore server validation in any transaction is needed. It is best to just do most game computations on the server. You are right that with Javascript it is easier for potential cheaters to exploit the game, because they can just hit F12 and start hacking. It is much more complicated with regular games, but still very much possible. One way you can protect yourself from not clever hackers is by minifying the JS code for your game.
58
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
