sarukuku / retris

Remotely playable tetris
0 stars 2 forks source link

Security improvements #78

Open szokodiakos opened 5 years ago

szokodiakos commented 5 years ago
cxcorp commented 5 years ago

Throw out first person in queue after 30 secs of not starting the game.

Implementing this on the backend would require some pervasive or possibly fragile changes to the state class because of all possible cases.

Do we need to implement this on the backend? On the frontend, this would be quite simple to implement with a timer and page refresh, but is there a threat of someone showing up with a laptop, patching it out and blocking the queue?