Jump to content

llRequestURL - Only one needed for all scripts / objects / AVs ???

Malestorm1488303118

By Malestorm1488303118,
in LSL Scripting

 Share
You are about to reply to a thread that has been inactive for 4182 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

Malestorm1488303118

Malestorm1488303118

Posted
Posted

By chance I discovered that after I successfully execute a llRequestURL, any script in any object owned by any AV in that sim can issue HTTP Requests against the server.    This seems to open up all sort of security issues.    My question is, is this feature working as intended?              

I have read through all the messages in this forum concerning securing HTTP Requests, but was wondering which approach to securing HTTP requests gives the best results for the effort?

Link to comment
Share on other sites
Helium Loon

Helium Loon

Posted
Posted

A HTTP server is just that.  A server.  ANY client can connect to it.  What the server DOES in response to those requests is up to the person implementing the server.

 

llRequestURL() just requests a server URL for the automatic sim HTTP server to respond to, and assigns a specific UUID key to identify requests as being for/from that URL and script.  What that script does with any requests to that URL (i.e., authentication, encryption/decryption, etc.) is up to the scripter.

 

Link to comment
Share on other sites
You are about to reply to a thread that has been inactive for 4182 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...