Phate Shepherd

If you are talking about having a script in object "Box" searching for nearby items and collecting them inside the box, no, can't do that. What you can do is to have a script search and return items... maybe doing the opposite of what you had in mind, leaving behind the items you want to keep.

I'm encountering a few customers that are getting http error 502 when product communicates with my server. This started after changing where the DNS pointed from one server to another commercial hosting service. All logs are clean on the host, so I don't know where the communication is breaking down. In one instance, the person having the problem got their region restarted and the problem went away. Two others restarted or had their regions restarted, but it didn't fix it. I don't know yet if they are on full or homestead regions, and if that would change the results. (Maybe restarting a homestead doesn't restart the proxy?) The body of the 502 error: <html> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </meta> <title>ERROR: The requested URL could not be retrieved</title> <body id="ERR_READ_ERROR"> <div id="titles"> <h1>ERROR</h1> <h2>Read Error</h2> </div> <p><b>Read Error</b></p> <!-- ERR_READ_ERROR --> </body></html>

Which brings up a perplexing question: Why are animations left out of the club? You can stop an animation by UUID, but not start one.

The url https://d2mjw3k7q9u8rb.cloudfront.net/ is definitely dead.

I was trying to come up with a solution to existing content that wouldn't require replacing all in-world items that talk to servers with source verification.

Would it be possible for the proxy itself to insert a hash into the http header that is based on the script creator UUID and a shared secret that the creator can change themselves? I hesitate to suggest a hash made from the creator's UUID and their password, but something that the creator already has control over, and can't be reversed to reveal their plaintext password. (At worst, it could be reversed to reveal the shared secret, but the creator could change it, and update the server code.) Doing it this way, existing content could continue to work as only a server side verification of the hash would be needed to know the comms came from a LL proxy by verifying the hash matches the concatenation of known creator UUIDs and the shared secret. (Now that I think about it more, it wouldn't help open source scripts that have a creator different than the server being communicated with.)

That would be a huge hurdle as a first LSL project. HTTP comms aren't THE most complex feature to script in LSL, but nearly so. Starting from scratch, I would likely point you towards Builders Brewery classes. Maybe start by asking on the Builders Brewery group chat what classes would lead you toward your end goal. If you are already familiar with programming concepts, it may be weeks to months to get proficient enough to do it on your own. If you are not already familiar with languages like php, javascript, http PUT/GET/POST etc.... it may take much longer. You could shortcut the process and ask in one of the employment wanted threads if someone could write it for you, but anything that uses something tied to your Steam account (The Steam API key) is a little sketchy as they should build and test with their own, and not use yours. Only once the script is tested and handed over to you would you substitute in your own Key. Even then, I would be wary and ask another scripter to look it over and make sure it isn't trying to do something naughty.

I've used a fairly simple encryption scheme and it has served well. * Sender generates a random salt (pick whatever method you like, seeded random number, whatever) * Generate MD5/SHA from the concatenation of a password (hard coded in the script) and the salt. * Generate the encrypted text with llXorBase64 using the MD5/SHA as the encryption key. * Send the salt followed by a separator and then the encrypted data to the receiver (web or another object) * The receiver strips off the salt, generates an MD5/SHA from the embedded password and the salt, and then decrypts the Base64 using llXorBase64 to get the original data. I dislike time based salts as there is always the possibility that the sender/receiver will calculate them differently. Maybe not the most hardened way to encrypt data, but it is easy, and as long as you aren't repeating salts frequently, it would be difficult to obtain the shared secret... especially if you append/prepend additional random trash data to the data you are encrypting that is just tossed out after decryption.

Do you have experience with http communications in SL? If not, it will be a big leap in learning. It appears steam has an API that can be used to gather information like that. https://steamcommunity.com/dev Specifically the Steam User API Looks like you have to obtain an API key, and then scripting the appropriate http calls using that key to get the information you want.

Is the new proxy pool implemented as a round-robbin? Last night I experienced a production region that was reporting a 502 "ERROR: The requested URL could not be retrieved" proxy error with outbound HTTP that went away after the region was restarted. Curious if a round-robbin proxy pool would have at least mitigated the issue. If the Proxy's are no longer tied to the region, would we have to open a ticket when/if one of the proxies in the proxy pool started spewing 500 errors? Will there be any meta-data to report which proxy in the pool was at fault?

I did several circuits around your region corner prim. Never got left behind, but in one instance, lost vehicle control. I suspect that your region crossing protection code likely reinstates controls when crossing into a new region to combat that.

Quick testing shows it is working for my stuff as well. And I did do a naughty in one item and use part of the returned URL from llRequestURL Ohh, and inbound HTTP is working as well... not sure that was already working or not. I also found that it appears to be active on 1-4. They were returning URLs of the form: http://simhost-07ecfc0bf885aed5b.aditi.secondlife.io and both inbound and outbound was working. HOLY CLUCK! Maybe it is partly because the region is empty, but I did an animation load to my in-world animation tool. What normally takes maybe 2 seconds per frame to load, loaded 6 frames in under a second! I could cycle through frames at nearly real-time as well.

Ohh, how we could save a ton of work with 3 additional LSL commands: llGetDescPrimitiveParams(), llSetDescPrimitiveParamsFast() and llDetectedDesc(). Also the flag "NEXT_DESC_TARGET" Same format as LLSLPPF, except instead of a link number, you would supply a link description string to match: llSetDescPrimitiveParamsFast("Drawer1", [PRIM_POS_LOCAL, ...... ] ); You could target 1 or more links in a set just by using the description you assigned to the link. Link order wouldn't matter at all. No viewer changes needed.

Beside using transparent hovertext to store data that you may not want the viewer to have access to, there may be many cases where you don't want other scripts to have access to visible hovertext, such as the case OP mentioned with farming items. If the hovertext was to indicate "health" or some other stat that required attention, would you want it to be possible to automate attention to this stat?

You might ask the creator if his system has an API to get information from their objects. However, if the information wanted was to automate a task that they feel should be done manually, it is unlikely they would expose that information.

I'm nearly sure they are released, and that you have to get a new one on attach, but you can toss in an: llOwnerSay("Free URLs:" + (string)llGetFreeURLs()); And then log out and back in a few times to check.

The new Edge update behaves differently then the non-Chrome version of Edge (and IE before it.)

Hmm... I didn't know about the landowner exception to unsit.

Late reply, but encountered a rather ingenious force unseat in the security system of Bellisaria homes. If it can't eject you from the land, it returns the object you are sitting on.... THEN kicks your butt out. Not necessarily an option for OP, but it could be a useful solution in some cases.

I date from the serial days. ACK! NAK! Now I sound like the martians from "Mars Attacks!"

Ahh, very good point.

I was about to jump in and post an elaborate solution when it occurred to me.... the uppercase of a non-alphabetic character is the same character... so it still works fine. On a side note, it may act a little goofy with a single character as the src input.

Reading just the word "Hello" has started to give me PTSD shakes from all the support IM's that say "Hello" or "Hi" without asking a question. I hate to be rude and not reply, but I hate it even more to have to do the pointless handshake before valid data is transferred.

It works for media on a prim. Just apply the texture when media is off.

One common trick is to use an instructional graphic on the face of the prim you use for media. If they have media turned off, the graphic will show telling them how to turn it on. If they have it on, they never see the graphic, only the media.