如何在JavaScript中制作安全游戏？ [英] How to make a secure game in javascript?

问题描述

我正在使用javascript一些html和css开发游戏，我想知道是否有任何方法来保护游戏，以便用户不能只是调用game.php？result = victory来完成游戏，赢得一些积分。

I'm working on games using javascript some html and css, and I was wondering if there was any way to secure the game so that the user can't just call game.php?result=victory to finish the game and earn some point.

目前我的解决方案是现在的。

As of right now here are the solution I have.

• 对于机会游戏，启动页面
  并且结果已经到位，赢取
  或者松散，然后只需要做一些
  动画来显示它，但是所有
  得分和胜利/松散的东西是
  服务器端。

• For a chance game, start the page with the result already in place, win or loose, then just do some animations to show it, but all the score and win/loose stuff is done server-side.

对于一场战斗游戏，只需从
获取
行动javascript调用，
执行损坏计算，反应服务器上的oponent
，只需
发回数据。

For a battle game, just get the action from the javascript call, and do the damage calculation, reaction of the oponent on the server and just send back the data.

但最后一个解决方案意味着每次用户做任何事情时我都必须发送动作。这可能适用于转弯战斗游戏，但我认为对任何其他类型的游戏都会放慢速度。所以我的问题是，是否有某种安全的方式我可以准备我的javascript来保护发送的信息。

but the last solution imply that I will have to send actions each time the user do anything. This might work for a turn by turn battle game, but I think it would be to slow for any other kind of game. So my question is, is there some kind of secure way I can prep my javascript to secure the infomation sent.

推荐答案

唯一确保它在服务器端进行所有计算和验证的方法。这就是几乎所有在线游戏的完成方式。客户端永远不可信任在线通信，您必须始终确保在服务器端用户实际上正在做有效的事情。 （理论上无论如何，在实践中你必须相信客户端有点滞后补偿并将一些非关键的东西卸载到客户端）。

The only way to make it secure it to have all the calculation and validation occur on the server side. That's how it's done on pretty much all online games. The client can never be trusted in online communication and you must always make sure on the server side that the user is actually doing something valid. (In theory anyway, in practice you have to trust the client somewhat for lag compensation and offloading some noncritical stuff to the client side).

因此，javascript不是用于开发在线游戏的非常好的语言，因为每个操作都需要由服务器处理和验证。对于其他编程语言而言，这不是一个大问题，因为您可以使用TCP / IP为服务器和客户端构建自己的通信协议。但是，对于javascript，没有这种可能性，因为您必须依赖HTTP协议和XMLHTTPRequest处理程序，这会导致非常低效的实时客户端 - 服务器通信。

For this reason, javascript is not a very good language for developing an online game, as every action does need to be processed and validated by the server. For other programming languages it is not such a huge problem, because you can build your own communication protocols using TCP/IP for the server and the client. However, for javascript there is no such possibility, because you must rely on the HTTP protocol and the XMLHTTPRequest handlers, which make for a very inefficient live client-server communication.

就像你说的，你总是可以在javascript中使用界面，但为了安全起见，你仍然需要在服务器端执行大量的工作，这肯定不适用于需要更多操作导向控制的游戏。因此，如果您需要安全性，那么您几乎只能使用基于回合的游戏。

Like you said, you can always do the interface in javascript, but for security, you still need to perform plenty of stuff on the server side and this certainly doesn't work for games that require more action oriented control. So, you are pretty much limited to turn based games, if you need the security.

这篇关于如何在JavaScript中制作安全游戏？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！