# Penguin Racing (Part 2)

Continuing the discussion from Penguin Racing (Part 1) - #122 by joecooldoo.

Previous discussions:

Now I've added username detection to my crashing code. now we can detect if someone is un-authorized.

I ment that you shouldn't hijack the Uni Gottingen server.

Why shouldn't I?

@jens talked about it in a topic that has been deleted.

Im only putting very small amounts of data that are automatically deleted after the project is stopped.

@helicoptur and @joecooldoo would you like to continue work on the game?

well how does this work?

Um, it picks a random port, and the cloud var is a bunch of random characters.

Im gunna make it harder for hackers to hack

Still, it isn't good practice to use someone else's server.
Imagine if a Snap! project used Google's database.

I got the cloud stuff from another person. Go talk to the person who made them.

@helicopur, I put this code in a not block to detect if its in the editor and it reports false everytime:

return location.href === parent.location.href;


You need to put the JSf block in a call block.

yeah... @programmer_user needs to think a little... but what he means that we need to take some precautions... but for what... he allowed anyone to use them...

well what does that do?

its for protection

it returns true if you're in the editor, and false if the project page.

If someone left a insecure endpoint, does that mean you should exploit it?

@programmer_user , if you want your "secure endpoints", you go MAKE THEM!