What is the best method to prevent unauthorized requests being sent to your server? For example I have an ios game which sends a users name and score to my php server. Whats preventing someone from just sniffing the traffic and seeing the simple request to:
now cant anyone just copy paste that url and change that values to anything "cheat" the game?
All I can think to do is send a key with the url and check the key is correct, but if someone is sniffing the url they can see they key and its pointless anyway?
what am i missing?