Loading...
  OR  Zero-K Name:    Password:   

Post edit history

Information about script status

To display differences between versions, select one or more edits in the list using checkboxes and click "diff selected"
Post edit history
Date Editor Before After
12/28/2023 9:52:53 PMunknownrankShaman before revert after revert
12/28/2023 9:51:25 PMunknownrankShaman before revert after revert
12/28/2023 9:45:18 PMunknownrankShaman before revert after revert
12/28/2023 9:40:26 PMunknownrankShaman before revert after revert
Before After
1 The short answer is yes but no. 1 The short answer is yes but no.
2 \n 2 \n
3 There is no [b]authorative[/b] way to determine if an opponent is running nondefault scripts without locking luaui which would defeat the purpose. Essentially whatever report you get from the client can be tampered with due to the nature of how widgets and luaui works. Sure you can make things report to you, but the report resides in client land which is user modifiable. LuaRules does not have means to access luaui information without crossing into luaui land. Anything in luaui is trivially reprogrammable. 3 There is no [b]authorative[/b] way to determine if an opponent is running nondefault scripts without locking luaui which would defeat the purpose. Essentially whatever report you get from the client can be tampered with due to the nature of how widgets and luaui works. Sure you can make things report to you, but the report resides in client land which is user modifiable. LuaRules does not have means to access luaui information without crossing into luaui land. Anything in luaui is trivially reprogrammable.
4 \n 4 \n
5 There's multiple ways to go about this: 5 There's multiple ways to go about this:
6 \n 6 \n
7 - Ofuscation of widget names, assuming a list of widgets is provided. All it takes is a malicious actor naming their widgets just spaces or some obscure/benign sounding name, or even replacing default code of some obscure widget that has limit use (say the widget that makes pings smoke). 7 - Ofuscation of widget names, assuming a list of widgets is provided. All it takes is a malicious actor naming their widgets just spaces or some obscure/benign sounding name, or even replacing default code of some obscure widget that has limit use (say the widget that makes pings smoke).
8 - Tampering with the report itself and always returning a default setup. There's no way to make the code server side (ie gadget) to see client side information. 8 - Tampering with the report itself and always returning a default setup. There's no way to make the code server side (ie gadget) to see client side information.
9 - starting widgets up via a handler widget using method one post check. 9 - starting widgets up via a handler widget using method one post check.
10 \n 10 \n
11 A better solution would be to just lock luaui for 1v1s and call it a day. There's even a moderation for it already. 11 A better solution would be to just lock luaui for 1v1s and call it a day. There's even a modoption for it already.