Cheating too easy / Security problem #1
Comments
|
The first thing you can do is writing a gulpfile to minify the js file. It's not "hackproof" or something like that but a step in the right direction. You can find an example here. Also, you should never ever make your firebase APIKey publicly visible. Happy coding 😉 you got this :) |
|
Another "hack" is possible: var newscript = document.createElement('script');
newscript.type = 'text/javascript';
newscript.async = true;
newscript.src = 'https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js';
(document.getElementsByTagName('head')[0]||document.getElementsByTagName('body')[0]).appendChild(newscript);
var rightEl = $('#rightText');
var leftKeypress = $.Event('keydown', { keyCode: 37 });
var rightKeypress = $.Event('keydown', { keyCode: 39 });
function arrowTrigger(direction) {
switch (direction) {
case 'left':
$('#game').trigger(leftKeypress);
break;
case 'right':
$('#game').trigger(rightKeypress);
break;
}
}
function hackSite() {
if( rightEl.css('display') == 'none' ) {
arrowTrigger('left');
} else {
arrowTrigger('right');
}
}
function startHacking() {
setInterval( function() { hackSite() }, 100 );
}
function stopHacking() {
for (var i = 1; i < 99999; i++)
window.clearInterval(i);
}
startHacking();I've got bored at 4766 points One way could be if you make RIGHT/LEFT words appear in canvas maybe. Anyways nice. Keep up the good work. ;) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It's fairly easy to change the code on runtime. Just open developer option (e.g. in Chrome with
cmd+alt+i) and edit theclient.jsfile.I replaced
if( userInput != game ){in
Game.prototype.verifyAnswerwithif( 1==0 ){and reached a top score of 234. I could have played it forever clicking anything and it will always be correct.
You should consider using a server side game engine. But then you can't use github pages.
The text was updated successfully, but these errors were encountered: