This object is in archive! 

Addition to mod API: Secured client requests.

Foogs shared this feedback 6 years ago
Completed

Hi im need secured requests between server mod and client mod

>> MyAPIGateway.Multiplayer.RegisterMessageHandler(66666, MessageHandler);

>>MessageHandler not have a "sender" field, and clients can ez fake the data...

Im mean if im have on server unsafe method like DeleteGridsOwnedBySteamId(ulong steamId);

Im want to trigger that from client. But clients can fake request data!

In internal game code u have events with sender steamid and u check if sender have admin rights. But modders cant use this events.

f71a48ebe4ebb6c0fb771721248d7523

so.

Modify or add new MyAPIGateway.Multiplayer.RegisterSecuredMessageHandler(66666,SecuredMessageHandler);

SecuredMessageHandler(ulong SenderSteamId, byte[] bytes);

Replies (8)

photo
3

WHERE KEEN!!!

photo
3

^up^

photo
1

KEEN, where are you??? Pls write any comment, todo?

photo
2

KEEN???

photo
2

We directly need that thing, so could you turn your look on this topic, keen`s? :)

photo
1

It's really a big issue but doesn't worry about that, you just turn on the API and secure your server with client mod.

By: Genuine Coursework Writing Help

photo
1

Fixed with this update, yeey

20 months to do

photo
1

Hello, Engineers!

This shall indeed be fixed from version 197.

Kind Regards

Keen Software House: QA Department

Replies have been locked on this page!

You can't vote. Please authorize!
You can't vote. Please authorize!
You can't vote. Please authorize!
You can't vote. Please authorize!
You can't vote. Please authorize!
You can't vote. Please authorize!
You can't vote. Please authorize!
You can't vote. Please authorize!
You can't vote. Please authorize!
You can't vote. Please authorize!