I want to give a player the ability to control game variables, i.e. total number of points to achieve, speed increase of enemies and much more.
Once you click on the advanced, you are moved to another layout with more things to enter.
Question 1: Is it really the way to have such a form? If there are other ways, please post a screenshot or link somewhere.
I suppose I do not sanitise the form values except for limiting the character length or maximum/minimum number. Or should I "sanitise" it somehow? Somebody once told me that as a general front end practice, I should do the following:
"You still SHOULD output encode any value accepted as input. Depending on how your app receives input (e.g., some could accept values from URL on load, etc.) it could still be vulnerable to certain XSS attacks.
It's probably not, just given how simple it sounds like your app is, but you are better off just 99.999% using output encoding at ALL times (it's default on a lot of frameworks with binding for a reason)".
Question 2: Isn't it done by construct 2/3 by default?
If not, how should I do it?
I am going to have my game on Amazon S3, it is going to be a front end only static website.
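
The two controls discussed in the post above (range-limiting numeric settings and output-encoding any text before it is displayed), as an added example that is not part of the original post and not Construct 2/3 code. The setting names, ranges, the `playerName` field and all function names are hypothetical assumptions.

```javascript
// Added example: hypothetical helper names, not Construct 2/3 API.

// Allowed range and default for each numeric setting (constructed values).
const NUMERIC_SETTINGS = {
  targetPoints: { min: 10, max: 10000, def: 100 },
  enemySpeedIncrease: { min: 0, max: 50, def: 5 },
};

// Parse a numeric setting strictly: digits only, then clamp to the range.
// Anything that is not a plain non-negative integer falls back to the default.
function parseSetting(name, raw) {
  const spec = NUMERIC_SETTINGS[name];
  if (!spec) throw new Error("unknown setting: " + name);
  if (typeof raw !== "string" || !/^\d{1,6}$/.test(raw.trim())) return spec.def;
  const n = Number.parseInt(raw.trim(), 10);
  return Math.min(spec.max, Math.max(spec.min, n));
}

// HTML-encode a value before it is placed into markup.
function encodeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Read settings from a query string such as "?targetPoints=500&playerName=Ann".
// The same functions apply to values typed into a form.
function readSettings(queryString) {
  const params = new URLSearchParams(queryString);
  const settings = {};
  for (const name of Object.keys(NUMERIC_SETTINGS)) {
    settings[name] = parseSetting(name, params.get(name) ?? "");
  }
  // Free text: cap the length, keep the raw value for game logic,
  // and use the encoded copy only where it is written into HTML.
  const playerName = (params.get("playerName") ?? "Player").slice(0, 20);
  settings.playerName = playerName;
  settings.playerNameHtml = encodeHtml(playerName);
  return settings;
}
```

When the value is written into the page with plain DOM code, assigning it to `textContent` instead of `innerHTML` avoids the need for manual encoding.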