Like the title somewhat suggest the goal for this post is to find a way for http request from virtual world to the great outside, and not have destination ip address show up in logs for the virtual server holder (other then linden, if the object is active in SL). Don't know if this is a problem but assuming so. Reason for this inquiry is at bottom line that i'm a noob when it comes to server and therefore security is not the most molded concept. By doing some foot work in lsl code this can be partially remedied.
This would be applied to a single lsl script with no modify permission that will handle http/https communication to and from the internet. The script would most likely be used at different regions, therefor most likely have little to non know data to compare and confirm if a Linden Lab server are the current host.
The Application is not super secret but would not be hurt from better security towards not showing server ip address and other server holder information to current host.
Any suggestions or hypothesizes is greatly appreciated.
Concepts for a partially remedy tincture:
Use a 3rd party server to verify from sender and act as a relay.
Cons: Cost, complication, implementation.
Pros: Would assumme a very high chance to not show destination ip address
Check if ip address are known to be Linden Labs ones http://wiki.secondlife.com/wiki/Simulator_IP_Addresses , this would necessity be verified by a 3rd party server.
Cons: Can probably be simulated by a non Linden Labs server
Use a if statement in lsl code for known values that should equal return from all/any llGetSimulatorHostname | llRequestSimulatorData | llGetRegionCorner | llGetRegionName | llGetEnv
Cons: Can probably be simulated by a non Linden Labs server, Not always enough relevant data to accurate confirm if data is true.
Is it possible to show a lsl code(with any permissions) in a web browser like firefox with and without login credentials?
Is possible for a lsl code to get a 'bird eye view' of where it is run and confirm that some how? : Not only look inside its "bubble of operation environment" but the greater "image".