Any tips to prevent cross-site / xss scripting?

Get help using Construct 2

Post » Thu Oct 20, 2016 9:34 am

I created a simple multiplayer game https://www.scirra.com/arcade/rpg-games/minero-11875 that performs ajax polling to synchronize maps and players. Some of my users tells me that the maps are not loaded due to cross-site scripting issues, (1) in general can ajax polling / long polling be an alternative to make online games? for android / ios / cordova support ajax call from phone to a remote site? (2) anyone tried creating a working game that implements polling?
sleep is only for the weak!
B
91
S
30
G
12
Posts: 139
Reputation: 12,013

Post » Thu Oct 20, 2016 11:16 am

Im preparing myself to get back to construct and the idea, even knowing its probably not the best one, will be to use some sort of ajax to sync things in my game.
I think i wont have that many sync issues you're having because of the game style: by testing your game and checking network on chrome, i think youre polling entire map everytime, right? For this game style (action intense) i think your option would be syncronize every action (every tile dug), triggered by the action itself. Also, as the pace is really fast, the best option would be websockets. Maybe even multiplayer in C2, having a couple worlds preset and state saved, i mean, generating it upon creation only, and then saving its layout.
Sorry if not clear enough.
Also, i really liked the artwork, but i missed a tuto/ gae control info lol.
About the mobile supporting ajax, not sure but i think it works.
English is not my native language. Sorry for any mistakes and feel free to correct me if needed.
B
14
S
5
G
3
Posts: 113
Reputation: 3,231

Post » Fri Oct 21, 2016 3:27 am

Cassianno wrote:Im preparing myself to get back to construct and the idea, even knowing its probably not the best one, will be to use some sort of ajax to sync things in my game.
I think i wont have that many sync issues you're having because of the game style: by testing your game and checking network on chrome, i think youre polling entire map everytime, right? For this game style (action intense) i think your option would be syncronize every action (every tile dug), triggered by the action itself. Also, as the pace is really fast, the best option would be websockets. Maybe even multiplayer in C2, having a couple worlds preset and state saved, i mean, generating it upon creation only, and then saving its layout.
Sorry if not clear enough.
Also, i really liked the artwork, but i missed a tuto/ gae control info lol.
About the mobile supporting ajax, not sure but i think it works.

Thanks for the feedback. For my next prototype I am currently testing websocket with ajax polling / or with long polling as fallback or what ever works. Will consider all the possible improvements in content generation as you have mentioned. Currently on the data of 10-20 users, following a linear projection. The current system can be comfortable with at most 1000 concurrent users . Either I scale the server or put more improvements on my end. Thanks again.
sleep is only for the weak!
B
91
S
30
G
12
Posts: 139
Reputation: 12,013


Return to How do I....?

Who is online

Users browsing this forum: Yahoo [Bot] and 2 guests