but you need to host a php server to launch spring
Nope - just produce the script.txt with a dedicated mime-type (to be sure also use a dedicated file extension) and let the browser start a "helper-app" --> "spring[.exe]" (like spring-installer does now) - that's all.
I'm a little worried about ppl following links that lead to mock-ups of this site and they enter their password there. Ofc every site has this problem... actually it's a user problem :) Anyway... I think if this lobby should become real, a paid (not self-signed) SSL certificate "lobby.springrts.com" (or similar) should be used, to not make it to cheap to imitate the site.
@CarRepairer: PM me if you need a dedi (web)server (spring[1,2].admin-box.com) for testing purpose, I'd be happy to help.
you should not use the same password for spring and your online banking or similar. and even though of course, there are people doing that, it is not springs duty to care for that. we'd end up with shit like in the US, where they have to label coffe caps with text explaining that it is hot and dangerous and might kill you if you do not use it correctly.
you should not use the same password for spring and your online banking or similar. and even though of course, there are people doing that, it is not springs duty to care for that.
Ofc it's not the duty to protect from themselves, and nobody expects it. But IMO it's the duty of every site owner to protect its users from the simplest attacks that can be done technically, and that is something that can be expected.
we'd end up with shit like in the US, where they have to label coffe caps with text explaining that it is hot and dangerous and might kill you if you do not use it correctly.
That has nothing to do with this. They have strong consumer rights combined with a law where the height of financial punishment depends on "how much it hurts". Much better against corp. than for ex. in Germany where it depends solely on the "damage done to someone/thing", which is often to low to really punish a corp. So - what does this have to do with trying to protect your users from the simplest fraud?
either you make a java lobby to make a multiplatform lobby, but SL is already multiplatform, so it's useless, either you're trying to make a proxy lobby, which is just stoopid, just make a web:80 -> springrts.com:8200 redirector and people will be able to use the lobby they want ...
Joined: 17 Sep 2008, 03:36 Location: your imagination
Brilliant work imho.
I am no expert but given recent trends, moving as much as possible to web is a great move. So much easier for cross-platform, no worries about dependency changes breaking things (with my wxwidgets version SL is barely usable, qtlobby stopped compiling after qt update), and no worries about finding testers or packagers for all those flavors of unix.
Not to mention, website updates mean instant updates for all users with no downloading or installing required, users can get help in chat without having to install anything, and people will have a chance to see that there are games happening, that there is an active community rather larger than pretty much any other free RTS out there.
I hope you stay motivated enough to make a full-featured web lobby a reality. :D
A simple java-applet for socket connections and local file access will do just fine.
If that's possible, then Java's security is nightmarishly bad.
Sorry - forgot to write "a signed java-applet"... You can sign them yourself, then the user needs to accept it. Like with self-signed SSL certificates. And yes - very good to know this: when you allow a signed java app to run in your browser, you allow it to do everything outside the sandbox! (there are sec-profiles to reduce permissions, but noone uses them)
Users browsing this forum: No registered users and 0 guests
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot post attachments in this forum