[sldev] Script to client channel.

[Marine Kelley]

Hello all,

I totally agree with the idea of a llViewerSay (channel, string) command,
and would also support a llGetViewerString (string) to retrieve a string the
viewer would have set into the sim at login (exactly like what
llGetAgentLanguage does, but for arbitrary strings). That way the scripts
will be able to retrieve custom messages in a synchronous and secure manner.

On a side note, llOwnerSay (the way I have chosen to channel special RLV
messages) is the most secure way to communicate directly with the viewer,
the only price being it is spammy for non-RLV users. But good scripts check
the viewer first, and stick to a "@version=2222" message and that's it. It's
not totally painless, but it's not too annoying I think.

If something like llViewerSay was implemented, I would also keep the "@"
parsing on llOwnerSay, and also use llViewerSay the same way. Therefore old
scripts won't become obsolete, and new scripts will benefit of this feature.

Marine



2009/2/16 Dimentox <dimentox at dimentox.com>

> Also the ownersay is spammy for people who are not using the custom viewer
>
>
> On Mon, Feb 16, 2009 at 12:50 PM, Argent Stonecutter <
> secret.argent at gmail.com> wrote:
>
>> On 2009-02-16, at 11:15, Thomas Shikami wrote:
>>
>>> Tony Dodd wrote:
>>>
>>>> As regards return traffic it is very easy to arrange for the viewer to
>>>> send
>>>> a string on some selected channel, though I suppose in the interests of
>>>> clarity and security it might be better to add client to server messages
>>>> with a new event type.
>>>>
>>>
>>  This secure channel is already in the works, the viewer already supports
>>> curl and the server side lsl scripts are about to support http_in.
>>>
>>
>> I'm not sure how secure a channel this would be. There's nothing that
>> tells a script that a connection via HTTP is coming from the client it's
>> expecting. The chat version can be implemented securely enough for
>> attachments to deal with any attack I can think of, since you can use
>> llOwnerSay() for the script-client path, and verify the chat
>> id==llGetOwner() for the response. If that's not good enough, then going to
>> something with less authentication wouldn't be a step forward.
>>
>> _______________________________________________
>> Policies and (un)subscribe information available here:
>> http://wiki.secondlife.com/wiki/SLDev
>> Please read the policies before posting to keep unmoderated posting
>> privileges
>>
>
>
> _______________________________________________
> Policies and (un)subscribe information available here:
> http://wiki.secondlife.com/wiki/SLDev
> Please read the policies before posting to keep unmoderated posting
> privileges
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.secondlife.com/pipermail/sldev/attachments/20090216/dc653876/attachment.htm