As Mike stated, this seems redundant to HTTP_CUSTOM_HEADER. There is already a mechanism for adding an entry if that is what you desire. Certainly for the stated use case, it’s already possible. I don’t see how adding additional entries to every llHTTPRequest() would be widely beneficial especially at such a broad scope.
On November 11, 2019 at 11:48:38 AM, Mike Higgins (m...@kayaker.net) wrote: There is no such thing as perfect security, but there is utility in increasing the difficulty of breaking the security. Eventually the difficulty exceeds the value of the information and you are secure enough. Adding values to the header in the OpenSim code instead of in the script adds just a little bit more difficulty and therefore a little more security. Here is an example use: It is common in grids to fly around in an airplane and have it crash (or the viewer crashes, or the region crashes or the grid crashes) and you leave the vehicle behind. I have a transponder script that occasionally reports the vehicle position to a database on an external server. When you log back on, you can ask that server to tell you where your vehicle is so you can go clean up any mess you may have left on someone else's land. The prim that finds the vehicle for you uses your UUID to look up your vehicle transponders in the database. No need to log on, no passwords, automatic authentication just takes you to your vehicles. Is it worth the trouble for someone to build a stand alone grid or modify the sources of OpenSim in order to maliciously find out where your crashed vehicles are? No. Is it useful to find your own crashed vehicles and clean up your own messes? Yes. Adding information to the HTTP Request header will allow more useful functions like this. On 11/11/2019 6:56 AM, mike.dick...@utopiaskye.com wrote: > There is already a mechanism to add Header entries in llHttpRequest > (http://wiki.secondlife.com/wiki/HTTP_CUSTOM_HEADER) . And I don't think > it's reasonable to consider anything on the header trusted or secure just > because its in the header. I'd argue there's little utility to adding a > bunch of data to the header that can't be trusted implicitly and it may bulk > up the message to the degree that the data gets split across packets and > delivered less efficiently. But my main argument against the approach would > be that information in the header is somehow secure or trustable. It's just > not. > > Mike > > -----Original Message----- > From: opensim-dev-boun...@opensimulator.org > <opensim-dev-boun...@opensimulator.org> On Behalf Of Haravikk > Sent: Monday, November 11, 2019 5:26 AM > To: opensim-dev@opensimulator.org > Subject: Re: [Opensim-dev] Patch for New llHTTPRequest Internal Header > Values > > > >> On 10 Nov 2019, at 23:36, Mike Higgins <m...@kayaker.net> wrote: >> >> These values turn out to be incredibly useful for authentication, commerce > and other cryptographic uses. For example, it is extremely difficult for an > avatar to spoof her own UUID. So this value can be used to uniquely > authenticate that the person using a prim is in fact who she claims to be. > > I'd caution against using this is a sole factor in authentication; the whole > point of OpenSimulator is that anybody can setup and run a simulator, and > the code is open source, so it would be entirely possible to send false > requests from a malicious server (or CURL or similar if you know what you're > doing), there's also no guarantee that an avatar's UUID is unique between > grids (it should be, but it also may not be, e.g- if data was imported, or > someone changed their UUID on purpose). > > You would also need to establish that the request comes from a trustworthy > grid, and there isn't currently a way to do this as such, as again a > malicious request can pretend to come from any grid it likes, unless you > have a list of all valid IP's for that grid, you can't verify it. I > discussed a possible method to check that a simulator actually belongs to > the grid it says it does via a grid-level API, but have never found the time > to sit down and learn enough about the OpenSimulator code to implement it. > If you're interested, I covered this in a pair of wiki articles: > http://opensimulator.org/wiki/User:Haravikk_Mistral/RegionVerification > <http://opensimulator.org/wiki/User:Haravikk_Mistral/RegionVerification> and > http://opensimulator.org/wiki/User:Haravikk_Mistral/ExpandedGridInfoAvailabi > lity > > So yeah, if you want validation I strongly recommend something more than > just checking the headers in an HTTP request at present; an initial password > then a persistent session token is still my preferred method, so a user > should only need to enter their password (and it should only be held by the > script) during initial setup of a device, or if they let the session expire. > >> [Network] >> >> OpenSimHeaders = true ;add new information to llHTTPRequest header >> >> ;OpenSimHeadersGrid = false ;if false, don't include grid info in header >> >> ;OpenSimHeadersRegion = false ;don't include region info >> >> ;OpenSimHeadersParcel = false ;parcel info >> >> ;OpenSimHeadersPrim = false ;extra prim info >> >> ;OpenSimHeadersScript = false ;script info >> >> ;OpenSimHeadersDesc = false ;descriptions (prim and script) >> >> >> Complete list of new header values added: >> >> >> X-Opensim-Grid-Login-Uri >> >> X-Opensim-Grid-Name >> >> X-Opensim-Parcel-Flags >> >> X-Opensim-Parcel-Group-Key >> >> X-Opensim-Parcel-Key >> >> X-Opensim-Parcel-Name >> >> X-Opensim-Parcel-Owner-Key >> >> X-Opensim-Prim-Creator-Key >> >> X-Opensim-Prim-Description >> >> X-Opensim-Prim-Group-Key >> >> X-Opensim-Prim-Owner-Mask >> >> X-Opensim-Prim-Sit-Text >> >> X-Opensim-Prim-Text >> >> X-Opensim-Prim-Touch-Text >> >> X-Opensim-Region-Key >> >> X-Opensim-Region-Size-X >> >> X-Opensim-Region-Size-Y >> >> X-Opensim-Script-Creator-Key >> >> X-Opensim-Script-Description >> >> X-Opensim-Script-Name >> >> X-Opensim-Script-Perms-Mask > I'm generally in favour of these though; personally I wonder if we should > just include grid info as standard, since it's such a crucial part to > OpenSimulator, shouldn't present a security threat (unless your login URI is > unsecured somehow, in which case you have bigger problems) and it's useful > for basic verification of an HTTP request. > _______________________________________________ > Opensim-dev mailing list > Opensim-dev@opensimulator.org > http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev > > _______________________________________________ > Opensim-dev mailing list > Opensim-dev@opensimulator.org > http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev > _______________________________________________ Opensim-dev mailing list Opensim-dev@opensimulator.org http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev _______________________________________________ Opensim-dev mailing list Opensim-dev@opensimulator.org http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev
