Sorry for the frequent question.
I would like to proceed with client-based result processing.
However, in this case we can do a "Replay Attack", so we want to process the result only once.
What method can I use in this case? Please advise.
With a server plugin running, you'd have to check if you got any message earlier and skip processing.
A simple approach would be to add a sequence number. This can be hacked easily, of course, if it's just one number somewhere in the data. There should be ways to encode the sequence into the data or you simply encrypt the message.
Disclaimer: I am not a security expert, nor does the Photon team provide security consulting as such. So consider this a simple idea and make sure you know the implications of this.
Hey guy, try that
private bool replay=false;
If (replay==false&& otherCondition==true)
/*Then you reset replay to false in other moment that you need to ReplayAttack again*/
Thank you for your reply.
But the answer I want is to prevent replay attacks on my backend server.
There is no way to check when the resulting processing is sent from the client to the backend, so when sending the same information over and over again, I want to process the same information only once.
analyze performance and traffic on our website.
By clicking on the „Accept All“ button you consent to the use of non-functional cookies and the subsequent
processing of personal data to optimize our website and services as described in more detail in our
By clicking on the „Customize or Deny all“ button you can decide otherwise.
Clicking on the „Customize“ button will take you to a page where you can configure the usage of non-functional
cookies (and related technologies) or deny all of them. You can access these settings at any time and also
subsequently deselect cookies at any time in the footer area of our website.
We use the following categories of cookies and related technologies to enhance your experience,
show you personalized content, and analyze performance and traffic on our website.
We respect your right to privacy and accordingly you can chose to not allow some types of cookies (and related technologies).
Click on the different category sliders and change our default settings to manage your cookie settings.
For more information on the specific cookies/related technologies we use and on how we use these,
Authentication cookies we use are required to run our services … Cookies are required:
These cookies collect anonymous data and allow us to optimize our
website and user experience. These cookies are listed here:
Help us to understand how visitors interact with our services, enables us
to analyze and improve our services (also through third party analytics).