Search the Community

Showing results for tags 'security'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • HTML5 Game Coding
    • News
    • Game Showcase
    • Facebook Instant Games
    • Web Gaming Standards
    • Coding and Game Design
  • Frameworks
    • Phaser 3
    • Phaser 2
    • Pixi.js
    • Babylon.js
    • Panda 2
    • melonJS
  • General
    • General Talk
  • Business
    • Collaborations (un-paid)
    • Jobs (Hiring and Freelance)
    • Services Offered

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start



Website URL





Found 9 results

  1. Hi Guys, I recently using the last version of PIXI.js (1.5.1) and we are dealing with some problems with particular texture (that texture is in another host). Uncaught SecurityError: Failed to execute 'texImage2D' on 'WebGLRenderingContext': The cross-origin image at XXXXXX may not be loaded. To load the texture i'm using the asset loader and setting the crossorigin property by true. // assetsToInitloader has the url to the texture var preloader = new PIXI.AssetLoader(assetsToInitloader); preloader.onComplete = onAssetsInitloaded; preloader.crossorigin = true; preloader.load(); The same code is working fine on Safari, and having problems on Firefox and Chrome. Thanks in advance, Cheers!
  2. From today I am getting a Blocked loading mixed active content message whenever the page uses an external url and var s = document.createElement("script"); s.src = url; document.head.appendChild(s); This affects a number of PGs including, among others, Jerome's dynamic terrain PGs. This seems to be because the playground is now delivering all pages using https. Is this a recent change? When this happens the PG can be unblocked using the lock icon next to the PG address. This is annoying. If security demands https then in future all demonstrations of new functions will require the direct placement of the new functions as code within the PG editor, Can this decision to deliver all PG pages by https be reversed or are security concerns such that delivery for all PGs must now use https?
  3. Hi again, I made a game with Phaser framework and created an apk file with cocoonjs' web site but when I try to upload the game to the Play Store, I get an error about security. Google wants a key but even I try many things I couldn't create a key, I used android studio but the studio does not create a key for an apk file. I think the studio can add key just for xml files, Is there anyone who made games with Phaser and puslished them on Play Store? If so, can you explain everything about creating keys step by step, thanks.
  4. Hello everybody I am in need for some guidance and advices so if any of you knows of any way to help, everything is appreciated We will soon start developing casino-style games for a client of ours. So imagine very simple to play games such as slots, flipping cards, etc. User will make a single "Play/Spin/Draw" action and be presented with the outcome of the game. The games will be available on their website and need to be accessible to people through their web browsers on their computers and cellphones. The only "trick" is - the games will be linked to players' real accounts and real money will be both lost and won in those games. Now, the first and most important question is, what approaches to take to make the game tamper-proof and as secure as possible? I couldn't find very much material online, or maybe I just didn't know where/how to look. What I did manage to find out is what is pretty much known to me already - the server is the king. So, when the user is playing a game and makes a roll of the dice or the slots, the request is sent to the server, a result is generated, stored in the database and returned. "That way the user has absolutely no way to do any harm and we can always keep everything in control" -> is safe to make such an assumption, or is it too ignorant/naive? If the user modifies the sent value (for example bet amount), it will still be validated on the server anyway? If the user modifies the return value (for example game outcome/win amount), it still won't matter because the server has already saved the valid outcome and while it might bring joy to the user to see fake winnings, he still won't be doing us harm? Of course, we would still love to minimise (or eliminate, if possible) such events rather than let everyone have a go at trying to modify the game behaviour. Regarding the implementation of the game, security aside, it seems to me that the obvious approach to take would be one of the available HTML5/JS/CSS game engines. But isn't there the problem that with that kind of game the source is always visible and accessible? I am aware there are "uglification" methods which make the code harder to read, but is that enough to keep hobby "hackers" (or even more determined ones) away? Should I worry about the "ease" with which someone can gain access to the client side code when we use this approach, or should we focus on other elements? Also, regarding the client-server communication, how to handle it to ensure maximum security? Are sockets the way to go or something else? I saw on some other sites which host that kind of games that they use Flash, is there any security reason for that? Anyway it isn't really an option as first, we don't have any real experience with it, and second, we have to keep all mobile devices in mind. Any advices, experiences, links to existing articles/documentation/tutorials etc. which deal with the whole matter would be greatly appreciated! Thanks and Kind regards Darko ---- EDIT Just noticed this thread might fit better under "Coding and Game Design" so if a Mod would be kind enough to move it, I'd appreciate it
  5. Hello everyone, I noticed a weird trend as soon as we start talking about code protection issues within html5 games /simple-page applications . Everyone seems to say that "as soon as it is Javascript, you can't hide anything" . Meaning you can't prevent someone to uncover the hidden solution to level 5 by looking at your code, or simply to copy it. This spawns a lot of issues, especially piracy and game-design related. So, what are the most effective protection mechanisms you can add to your html5 game?
  6. Hello friends. I've a security question. I've done two mini-games for my company. I really enjoyed the chance of using Phaser in my work and not for fun, as I usally do. My boss liked it too, so good news. But he is concern because everybody are able to see the code with the elements inspector. My question is if there's some easy way to hide or protect the code from visitors, in order to avoid that our competititors steal the code for their own pages. Any advice? Thanks a lot!
  7. Hi, this is more of a request to Phaser admin than a question.... it would be good if we could use the assets from the examples in the sandbox (currently there's a security restriction)...this would make it easier to share example techniques on the forum, based on modifications to the original examples for now I've just suggested posting some modified code from pastebin into the original example (eg here just an idea anyway if it doesn't cause any issues. thanks J.
  8. I've searched it up, there are alot of so called solutions, but they are all easy to bypass. For example, you can disabled click, so you can't right-click view-source. But the workaround is simple: just go to your browsers' web console, for example in Firefox you can easily see the URL of the script. What are your experiences/tips/methods? Let's make a list: - code obfuscation (i.e. )
  9. Microsoft Security Bulletin MS13-037 - Critical This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.