Home > Enterprise >  JavaScript security: access objects within (function(){})
JavaScript security: access objects within (function(){})

Time:08-19

Even though, I am not a JS newbie, I still have never used (function() {}) before as there was no need. But now I am concerned with security on userside level for my JS game to avoid cheating. So what I did is I placed the following code in my js file:

(function() {
    'use strict';
    
    let a = 1;
});

I tried to access the a variable from console and I couldn't. So I wanted to know - will users be able to access those variables and change them if I use this kind of structure?

CodePudding user response:

There is nothing you can to do completely secure that variable. Users will still be able to access it using the debugger, local overrides, or probably other means as well.

A value like that which you need to be immutable to a skilled browser user needs to be stored on a secured backend (server, api, or something).

For example see: Is there a way to change variable values while debugging JavaScript?

  • Related