Addition to mod API: Secured client requests.

Foogs shared this feedback 22 months ago
Submitted

Hi im need secured requests between server mod and client mod

>> MyAPIGateway.Multiplayer.RegisterMessageHandler(66666, MessageHandler);

>>MessageHandler not have a "sender" field, and clients can ez fake the data...

Im mean if im have on server unsafe method like DeleteGridsOwnedBySteamId(ulong steamId);

Im want to trigger that from client. But clients can fake request data!

In internal game code u have events with sender steamid and u check if sender have admin rights. But modders cant use this events.

f71a48ebe4ebb6c0fb771721248d7523

so.

Modify or add new MyAPIGateway.Multiplayer.RegisterSecuredMessageHandler(66666,SecuredMessageHandler);

SecuredMessageHandler(ulong SenderSteamId, byte[] bytes);

Comments (6)

photo
3

^up^

photo
1

KEEN, where are you??? Pls write any comment, todo?

photo
2

KEEN???

photo
2

We directly need that thing, so could you turn your look on this topic, keen`s? :)

photo
1

It's really a big issue but doesn't worry about that, you just turn on the API and secure your server with client mod.

By: Genuine Coursework Writing Help