Also the ownersay is spammy for people who are not using the custom viewer On Mon, Feb 16, 2009 at 12:50 PM, Argent Stonecutter < [email protected]> wrote:
> On 2009-02-16, at 11:15, Thomas Shikami wrote: > >> Tony Dodd wrote: >> >>> As regards return traffic it is very easy to arrange for the viewer to >>> send >>> a string on some selected channel, though I suppose in the interests of >>> clarity and security it might be better to add client to server messages >>> with a new event type. >>> >> > This secure channel is already in the works, the viewer already supports >> curl and the server side lsl scripts are about to support http_in. >> > > I'm not sure how secure a channel this would be. There's nothing that tells > a script that a connection via HTTP is coming from the client it's > expecting. The chat version can be implemented securely enough for > attachments to deal with any attack I can think of, since you can use > llOwnerSay() for the script-client path, and verify the chat > id==llGetOwner() for the response. If that's not good enough, then going to > something with less authentication wouldn't be a step forward. > > _______________________________________________ > Policies and (un)subscribe information available here: > http://wiki.secondlife.com/wiki/SLDev > Please read the policies before posting to keep unmoderated posting > privileges >
_______________________________________________ Policies and (un)subscribe information available here: http://wiki.secondlife.com/wiki/SLDev Please read the policies before posting to keep unmoderated posting privileges
