Addition to mod API: Secured client requests.

Foogs shared this feedback 2 years ago
Completed

Hi im need secured requests between server mod and client mod

>> MyAPIGateway.Multiplayer.RegisterMessageHandler(66666, MessageHandler);

>>MessageHandler not have a "sender" field, and clients can ez fake the data...

Im mean if im have on server unsafe method like DeleteGridsOwnedBySteamId(ulong steamId);

Im want to trigger that from client. But clients can fake request data!

In internal game code u have events with sender steamid and u check if sender have admin rights. But modders cant use this events.

f71a48ebe4ebb6c0fb771721248d7523

so.

Modify or add new MyAPIGateway.Multiplayer.RegisterSecuredMessageHandler(66666,SecuredMessageHandler);

SecuredMessageHandler(ulong SenderSteamId, byte[] bytes);

Comments (8)

photo
3

^up^

photo
1

KEEN, where are you??? Pls write any comment, todo?

photo
2

KEEN???

photo
2

We directly need that thing, so could you turn your look on this topic, keen`s? :)

photo
1

It's really a big issue but doesn't worry about that, you just turn on the API and secure your server with client mod.

By: Genuine Coursework Writing Help

photo
1

Fixed with this update, yeey

20 months to do

photo
1

Hello, Engineers!

This shall indeed be fixed from version 197.

Kind Regards

Keen Software House: QA Department