I recently started using Parse and have been exploring the documentation and answered questions. However, I still have a couple of inquiries on my mind.
Firstly, I discovered that the Javascript SDK does not function on IE9 and IE8 without an SSL certificate. Can Rest API be utilized to work with these browsers even without an SSL certificate?
My second question pertains to the security of Javascript and API/SDK keys. While I've seen suggestions like checking for valid sessions and limiting certain actions for users, how can I prevent users from manipulating their own scores (obtaining my key, obtaining a session token, then modifying the score class to add a million points)? How can I safeguard my app against such potential threats?
Thank you in advance for your time and responses.