Comments (4)
I'll chime in my two cents here as well.
For me, it was self-evident that usage of this application is at your own risk and the security conserns were even written in the docs and I initally implemented JSON for that exact reason. Although I think it is unlikely that Embark would ban anyone using this software as it is not easy to detect, the risk remains, your initial comment made me realise that it doesn't matter what I write in the docs, people will do things without understanding what they are doing. That's why I've removed the JWT token entirely from the project and currently in the middle of moving the parsing logic from the backend back to the frontend.
For the future, I don't think I'll bring back the JWT authentication as it doesn't get me closer to my goals .
from the-finals-tracker.
Yea, I kinda took it as obvious that the use of this software is at your own risk, but added it to the readme of both projects just in case.
When it comes to your JWT token, you can rest assured that I do not have it and it doesn't get logged or stored anywhere in the server.
from the-finals-tracker.
In fact, you can get access using an old JWT token via cookies stored locally on the browser, so not on the server
Cookies are not a local thing and they are fully visible to the server. My point was not only about storing the data on the server side but operating with the private data that is collected in a prohibited way in any sense to get rid of any responsibility of what will happen with the user account later.
There is not much reasons to have a questionable solution if there is a simple currently working alternative to collect json data and display the stats without worrying about some technical private data.
I think the best solution is to ask for a public api !
Would be great to have this! But for some reason they decided to make it private for now. Maybe they will turn it public later and author will have an already working solution for it without any risk.
So, have you really been banned from the game @Screamer27 or did I misunderstand ? It'd be funny if Embark Studios banned such a ridiculous action when there are so many cheaters in their game without getting banned.
I have not been banned yet for this but as i said previously, the way of intercepting the traffic and transferring the data to some different resource is obviously not allowed by the game Terms of Services. I don't think that having a good intention by using a prohibited methods will be a good argument if their anti-cheat software will decide to ban you because it found some suspicious actions. Also, making a request with a token to get the stats from a different machine/IP that might be related with different multiple accounts (some of them might be account of cheaters) does not looks safe
Still, it is up to you to use it or not. Good that the project page currently has a warning for users so they are acknowledged about this
Edit : I don't speak English very well, so I apologize if I make mistakes or use awkward phrasing, and the same goes for my comprehension.
Don't worry, you are totally fine
from the-finals-tracker.
In fact, you can get access using an old JWT token via cookies stored locally on the browser, so not on the server. I find it very practical to have a cache and not have to reset the token each time.
I think the best solution is to ask for a public api ! So, have you really been banned from the game @Screamer27 or did I misunderstand ? It'd be funny if Embark Studios banned such a ridiculous action when there are so many cheaters in their game without getting banned.
Edit : I don't speak English very well, so I apologize if I make mistakes or use awkward phrasing, and the same goes for my comprehension.
from the-finals-tracker.
Related Issues (4)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from the-finals-tracker.