One aspect of security when releasing your title is specific to the save game profiles. When we first implemented the save game profiles, we had the JSON serialize output from the ObjectMap
object to a nice, readable format. This was intentional so that you could easily modify the save game state in order to test out edge cases, simplifying the process for duplicating bugs. For final release though, we will want to make the save game profile more difficult to edit, thus making it more difficult for a player to exploit the game.
Again, LibGDX makes this extremely easy with a few method calls using the Base64Coder
class. The Base64Coder
class encodes and decodes String
objects using the Base64 format. The Base64 format is an encoding scheme where we take some binary data and translate it into its numerical Base64 representation. The following is a source snippet from ProfileManager.java
with the changes:
import com.badlogic.gdx.utils.Base64Coder; ... public...