Home/ Questions/Q 7495041
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-29T17:58:29+00:00

I wrote a server-client app in javascript/HTML5 its supposed to allow clients to communicate/play

  • 0

I wrote a server-client app in javascript/HTML5 its supposed to allow clients to communicate/play a game in realtime using Node.js on the server side .

I know the use of private variables and etc . But how to prevent the whole game engine from unauthorised access via console api ?

As in how to write it in such a way that all variables fall in a private scope and once initiated they run pretty much independently without registering a single variable in the global scope so that nobody can mess the Game up!

From what i have researched i can do something like

 function Game(){
   // All declarations here
   // Start a logic in here
 }

and then calling it

 new Game();

will do it ? but is there any better way to do the same ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can run a JavaScript application without registering any single variable, via an anonymous function:

    (function() {
    //local variables here.
})();

    However, there is no reliable way to prevent cheating: One can easily analyse your code, and create fake AJAX requests. With the latest browsers, it’s incredibly easy to capture your code.

    With getters and setters, anyone can effectively intercept your functions. Using the deprecated arguments.callee.caller property, an attacker can read the source of the function call, effectively getting access to the closure as defined at the top of this answer.

    Example:

    var _alert = alert;
window.alert = null;
Object.defineProperty(window, 'alert', {
    'value': function(m) {
        console.log('Intercepted. Function source: ' + arguments.callee.caller);
        _alert.call(this, m);
    }
});
(function(){
    var localVar = 'secret';
    alert('Hi!');
})();
    • 0