JoeBussard
commented
2 years ago Done
Closed JoeBussard closed 2 years ago
JoeBussard
commented
2 years ago Done
JoeBussard
commented
2 years ago Just include solution:<your-secret-word> key value pair in JSON or form-data when you send a POST request to /v1/game :D
If you give someone the link to a game with a custom solution, he can literally just send a POST request to change the solution to any other word and then guess that word on his first turn and win.
This is because you first create a new game, then send a second request to change the solution, to generate a game with a custom solution. This should be changed so that the custom solution is sent within the request to make a custom game, and solutions cannot be changed and can only be set when they are created.