Pages: 1 2 3 4 5 6 7 [8] 9 10 11 .. 11 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 27 post(s) |
Wollari
Phoenix Industries Wicked Nation
|
Posted - 2009.10.16 01:52:00 -
[211]
Edited by: Wollari on 16/10/2009 01:52:48 In the new release of the IGB i found some bugs already. The good thing: Most of the CCPEVE.ShowInfo() links are working but:
1) ShowInfo() on the character is not working correct like the old showinfo: links. There was an option that we can create links like ShowInfo(1,CharID) because not everybody knows the TypeID of the Players Race, etc. The 1 was the generic idenitfier for every char. Short: The generic character popup is not working,
2) Javascript Mousewheel Events are broken: With the new release the Javascript Mousewheel Events are broken. They either don't work completly or just in 1 direction. On my client i can only zoom into maps.google.com but not out when scrolling the opposite way. I just getting depper and deeper.
3) ShowInfo on alliance is not always working. On someparts those links are working, but not everywhere on the page. Until know i don't know when those links aren't working when at the same time a System Link in the same tablerow works fine.
4) When resizing the browser window too often it can happen that the whole Eve Client (not just the browser) is crashing.
greetings Wollari
|
Miss Moonwych
Formedian Shadows
|
Posted - 2009.10.16 02:09:00 -
[212]
About the whole issue of exploitation/spamming etc.
Wouldn't it be better that for some types of actions (eg the ones that tend to be exploitable/spammable) to allow certain types of links/tags instead of adding javascript methods (which can be repeatedly called or even masked as something else).
That way you can add a link to a wesbite that is right-clickable with for example the following options:
- Join fleet - Resize browser to 300 x 200 (at position x,y) - Give n money to z - Send message to this person
The text in the right-click menu would be coming from the eve client, not coming from the browser. This ensures you get what you see and only when you want it. Since these are not scriptable and require (right-click) confirmation in the (safe) Eve client there is not the issue of spamming or exploitation.
Other stuff can still be done via javascript methods. But if something is exploitable when implemented as a javascript method that doesn't mean it can't be implemented as passive links/tags.
Anyway. Just my thoughts.
Regards,
M.M.
|
Synex
Gallente BIG
|
Posted - 2009.10.16 08:36:00 -
[213]
I would strongly ask for the following feature if possible...
CCPEVE.TransferISKTo(charID, quantity);
which would open the 'Give Money' dialog with the quantity, character already filled in.
This would get around the security problems with auto-payments, but equally allow for pay-per-use services, something that would open a mini-profession in game.
This could be coupled with an API call to your wallet info to check whether the money had transferred or not.
Thanks! Synex Oursulaert Industries
|
Leebe
|
Posted - 2009.10.16 09:51:00 -
[214]
Edited by: Leebe on 16/10/2009 09:56:24 I don't really see a problem with javascript functions as long as you have to confirm all actions with a confirmation box.
They could add a checkbox/link to the confirmation box that removes the page from trust list (and report the page for possible blacklisting)
Originally by: Synex
This could be coupled with an API call to your wallet info to check whether the money had transferred or not.
This will probably never happen since they made clear on the presentation that you will never get any information out of the game by the api except for the headers. The Javascript API is a one way thing.
Make it CCPEVE.TransferISKTo(charID, quantity, [reason]); and add a transaction number or something like that then you can check if you got the money via the traditional web api
|
Synex
Gallente BIG
|
Posted - 2009.10.16 10:09:00 -
[215]
Originally by: Leebe Edited by: Leebe on 16/10/2009 09:56:24 I don't really see a problem with javascript functions as long as you have to confirm all actions with a confirmation box.
They could add a checkbox/link to the confirmation box that removes the page from trust list (and report the page for possible blacklisting)
Originally by: Synex
This could be coupled with an API call to your wallet info to check whether the money had transferred or not.
This will probably never happen since they made clear on the presentation that you will never get any information out of the game by the api except for the headers. The Javascript API is a one way thing.
Make it CCPEVE.TransferISKTo(charID, quantity, [reason]); and add a transaction number or something like that then you can check if you got the money via the traditional web api
Yeah, that is what i was thinking of too - using the WebApi, but getting the transaction number back from the JS would be even more useful, and take out the headache from trying to match up transactions
Synex Oursulaert Industries
|
Wollari
Phoenix Industries Wicked Nation
|
Posted - 2009.10.16 11:06:00 -
[216]
Edited by: Wollari on 16/10/2009 11:06:38
Originally by: Synex Yeah, that is what i was thinking of too - using the WebApi, but getting the transaction number back from the JS would be even more useful, and take out the headache from trying to match up transactions
If you've been in the Fanfest IGB presentation/rountable talk you would have known that there's no way to get informations from the game (expect headers) and transfered them to the browser. It's only a one way communication from the browser to the client, not the other way around.
TBH, the TransferIsk JS Call should only be available to TrustedSites. CCP has possibilites to enable JS Calls for Public and for TrustedSites. This way the user can be sure that only trusted sites can/will open the TransferIsk Popup and not every 2nd IskSpammer page or ad.
|
Bubbled
|
Posted - 2009.10.16 14:25:00 -
[217]
Edited by: Bubbled on 16/10/2009 14:25:33
Originally by: Wollari
TBH, the TransferIsk JS Call should only be available to TrustedSites. CCP has possibilites to enable JS Calls for Public and for TrustedSites. This way the user can be sure that only trusted sites can/will open the TransferIsk Popup and not every 2nd IskSpammer page or ad.
I agree and maybe a "limited" and "full" trust (like the API) could be implemented. Limited trust could only get info (like they do now from headers) and the full could also run JS Calls.
|
Synex
Gallente BIG
|
Posted - 2009.10.16 20:45:00 -
[218]
Originally by: Wollari Edited by: Wollari on 16/10/2009 11:06:38
Originally by: Synex Yeah, that is what i was thinking of too - using the WebApi, but getting the transaction number back from the JS would be even more useful, and take out the headache from trying to match up transactions
If you've been in the Fanfest IGB presentation/rountable talk you would have known that there's no way to get informations from the game (expect headers) and transfered them to the browser. It's only a one way communication from the browser to the client, not the other way around.
TBH, the TransferIsk JS Call should only be available to TrustedSites. CCP has possibilites to enable JS Calls for Public and for TrustedSites. This way the user can be sure that only trusted sites can/will open the TransferIsk Popup and not every 2nd IskSpammer page or ad.
Fair dos. I thought the communication might be one way.
All of the javascript functions are for trusted sites only, so that shouldn't be a problem.
Even without the transaction ID coming back, it should still be possible to match up the transaction with the record in your wallet. Synex Oursulaert Industries
|
Twistalous
Gallente Arkons of Myth KIA Alliance
|
Posted - 2009.10.17 03:41:00 -
[219]
Originally by: Sky Grunthor Twist, remember that with any action that causes a possible exploitable issue there has to be some kind of confirmation.
For example in JoinFleet, there would have to be some kind of user confirmation in the client (not igb) before actually joining fleet. This would be to prevent the website from immediately forcing people who navigate to it from being automaticaly forced to join the fleet if they are not already part of one.
The same kind of thing would have to be considered for AddToWatchlist and LeaveFleet. The availabilty for abuse by the website needs to be removed.
Sky, that's true, I suppose. It's just sort of annoying that such a leap forward in the IGB as this new version is also causing us to lose some nice functionality we had before. In the current IGB you can link to a fleet invite link and there's no confirmation prompt given. In fact, I haven't tried it, but I suspect you could probably do a redirect to the fleet link and automatically put someone in the fleet just like you're suggesting in your scenario above.
While a confirmation isn't the end of the world, it's just one more click that people have to do. I like to streamline things. :)
-- Twist |
Miss Moonwych
Formedian Shadows
|
Posted - 2009.10.18 09:49:00 -
[220]
Edited by: Miss Moonwych on 18/10/2009 09:53:51 Question about color transparency:
Is it possible to use certain (background) colors in the browser so when you choose the browser-window to be transparent in eve those colors in the browser will actually be transparent?
Regards,
M.M.
Also, small bug: if you collapse or expand the left "menu" in eve and your browser is attached to it, the content in the browser doesn't move along and you get a black bar.
|
|
Miss Moonwych
Formedian Shadows
|
Posted - 2009.10.18 11:43:00 -
[221]
Found an Eve client crashing BUG:
When you keep resizing the browser vertically (e.g. at www.google.com) the eve client will crash after several back and forth movements. It seems somehwat random when it happens.
So click with your mouse on the lower edge of the browser window, hold down the mouse button and start moving your mouse up and down. At some point the eve client will hang and then crash.
Doing it horizontally doesn't make it crash.
Can somebody confirm?
Regards,
M.M.
|
Synex
Gallente BIG Libertas Fidelitas
|
Posted - 2009.10.18 12:31:00 -
[222]
If you click on several 'invalid' EVECCP.ShowInfo() buttons in turn, the Javascript for the page bugs out for ~30 secs.
You can test it at:
http://www.cbampton.com/upload_dir/test.php?start=0&end=100
Where start and end are number of typeIDs to list. Synex BIG
|
Wollari
Phoenix Industries Wicked Nation
|
Posted - 2009.10.19 23:45:00 -
[223]
Originally by: Miss Moonwych Can somebody confirm?
Yepp i can confirm it. Bug reported including Logserver Dump.
Logserver output: [1019/233806:INFO:BrowserViewHost.cpp(157)] ProcessPaintRect: D3D surface too small (1024,512) but need (749,570
-------
Something different: I've an additional Request for the Javascript Method: CCPEVE.RequestTrust(trustableUrl).
Quote: The page will not be automatically refreshed if the user grants the trust request. Trust will take effect the next time the user refreshes the page, or navigates within the site.
I've 2 ideas who to change this:
1) Add param if the page should reload on trust
CCPEVE.RequestTrust(trustableUrl[,BoolReloadPage=false]) If BoolReloadPage == true then the browser should reload the page on Trust (not on Not Trusted)
or
2) Add a return value (bool) to the Function
if(CCPEVE.RequestTrust(trustableUrl)) { // do something location.reload(); } else { // do something more document.write('go away ...'); } The 2nd choise would be the cooler and more extenable one, but I suppose it won't be possible because of the limited communication between browser (igb) and security layoer n rendering/javascript engine.
|
Shereza
|
Posted - 2009.10.20 17:07:00 -
[224]
Just out of curiosity, would it be possible to have the new IGB work with the default (or at least default in IE and Firefox) page forward/back mouse bindings?
I just looked at the browser for the second time ever today and it looks nice and felt nice until the first time I hit one of my mouse buttons to back up a page and got no response. It's like a bad flashback to the days of three-button mice.
Still, that aside it looks good so far. ____________________
Minmatar in Fantasy or Duct Tape Goes Medieval. |
Raul Lustrom
Free Galactic Enterprises Aranir Citizens
|
Posted - 2009.10.21 20:53:00 -
[225]
Originally by: Shereza Just out of curiosity, would it be possible to have the new IGB work with the default (or at least default in IE and Firefox) page forward/back mouse bindings?
I just looked at the browser for the second time ever today and it looks nice and felt nice until the first time I hit one of my mouse buttons to back up a page and got no response. It's like a bad flashback to the days of three-button mice.
Still, that aside it looks good so far.
I second that request. Basic functionality of the back and forward buttons on mice is a must, if not for Dominion, but for Dominion.0.1
|
|
CCP Nimbus
|
Posted - 2009.10.22 14:06:00 -
[226]
Those of you who are seeing crashes, it would be really helpful if you could bug report them and then link the bug reports in here. This is looking likely to be an issue related to your hardware setup, so if you could include that sort of information we would be super grateful.
As for all the other issues, comments, and suggestions in here, I will spend some time responding soon - promise!
|
|
Haskell
Gallente
|
Posted - 2009.10.22 16:06:00 -
[227]
I've played a bit with the RequestTrust method in the current build (109210) and stumbled upon some issues:
* It's possible to request trust for a different site (e.g., http://example.com/path/to/file.html requesting trust for "http://www.google.com")
* Denying trust in this case ("Ignore Always") correctly adds "http://www.google.com/" to the list of Trusted Sites as "Not Trusted". But all subsequent calls of RequestTrust from http://example.com/path/to/file.html are ignored.
* ShowInfo works when a site is not on the list of Trusted Sites, and also even when the site has been added to the list of Trusted Sites as "Not Trusted".
* Upon opening the window, for a few milliseconds the text "A page is requesting..." doesn't take the full available width and requires a scrollbar.
Some ideas:
* What if RequestTrust wasn't a separate method but integrated into each of the other JavaScript methods? For example, invoking ShowInfo would first ask the user if he really wants to perform this action, and if confirmed then show the Info window. The confirmation window would have four buttons: "Continue" (Allow once), "Abort" (Ignore once), "Trust website" (Allow always), "Block website" (Ignore always). This allows the user to have fine grained control over which methods the website may call, and also solves the problem of the website needing to detect if it's trusted or not.
* It would be really really nice if method calls weren't silently ignored. If the method calls are blocked in the browser process, is it maybe possible to throw something like an AccessDeniedException or return an old-fashioned error code to the caller? |
Wollari
Phoenix Industries Wicked Nation
|
Posted - 2009.10.22 19:48:00 -
[228]
With the RequestTrust() popup, I would like get an option "Trust once". So I give a webpage a temporary trust. I don't want to add 50 sites to the trusted section, i just want to decide everytime when I want to give out sensitive informations.
|
Lumy
Minmatar Sebiestor tribe
|
Posted - 2009.10.22 21:48:00 -
[229]
Originally by: Sasha J On page http://wiki.eveonline.com/wiki/IGB_Javascript_Wish_List:
javascript:Client.GetShipFitting() pops up a confirmation window and (if approved) returns the complete ship fitting (possibly Ship DNA string formatted)
Please, use JSON, not XML (or at least add JSON version of this call). Makes more sense in javascript.
Sidenote: IGB fanfest 2009 presentation on youtube: http://www.youtube.com/watch?v=6KQJQhqHgz4
Originally by: Sky Grunthor They are already using a Ship DNA string with other calls. It would probably be more appropriate to use that there as well.
Originally by: Sasha J Using XML in JavaScript is pain and slow. If you get XML string from this function only way to do something useful with that string is to make AJAX call and process XML with server side language (PHP, Ruby, Perl, Java,...). Even in that case all of those languages have JSON support. http://json.org/xml.html
Originally by: Sky Grunthor Please see Ship DNA. Has nothing to do with xml. As I indicated before. Ship DNA is whats is used already by the ShowFitting call already in place.
edit:
what would be of good use is too start putting together a javascript utility library probably. an object to convert Ship DNA strings to a ShipFitting object and back would be neat. However, I don't know how useful such a utility would be unless it had the db to call on to determine if typeid's are high/mid/low/rig etc modules or charges/drones.
That is the exactly the reason, why we should use JSON instead. It's native format to JavaScript, so it won't require any utility library to manipulate it. Also every common server-side scripting language has libraries or direct support for JSON string parsing and building.
The current implementation is IMHO bad idea, because it
- Requires more client-side coding
- Requires more server-side coding
- Introduces new "standard"
- Is non-descriptive
- Hard to read for humans
The only good thing is it's short. But I'm willing to give up few text characters for readability. Compare
"597:25861;1:6673;3:439;1:4025;1:1183;1:1998;1:1236;1:11269;1::" to
{ shipType:597, hi:[25861, 6673, 6673, 6673], med:[439, 4025], low:[1183, 1998, 1236, 11269], rigs:[], charges:[] } Yes, you can split JSON to multiple lines. I did it intentionally.
Joomla! in EVE - IGB compatible CMS. |
Wollari
Phoenix Industries Wicked Nation
|
Posted - 2009.10.22 23:11:00 -
[230]
Bug Update: Just tested with the current SiSi Build:
### Browser Crash
BugID: 85701 (2 attached logserver crashdumps) The bug is still present, nothing changed. I don't have say anything about the funny pink colors in my XP Client in the browser window when resizing it.
### Wrong Javascript Mousescroll Events
BugID: 85530 The Javascript Mousescroll events are bugged. Exampe: You can only zoom into Google Maps, but not zoom out. Zooming out just makes you zooming more in.
|
|
Lumy
Minmatar Sebiestor tribe
|
Posted - 2009.10.22 23:48:00 -
[231]
Edited by: Lumy on 22/10/2009 23:48:31 About the ability to display context menu, that will be supposedly lost in Moondoggie: If CCP manages to implement function to display context menu in this sprint, right-click menu can come back. I already tested it using JQuery. The Moondoggie can register both left and right click, and assign them different functions. Little snippet I tried and actually works:
http://pastie.org/666008
So, CCP Nimbus, could you move context menus to the top of your TODO list? Pretty please!
Joomla! in EVE - IGB compatible CMS. |
Agent Known
Caldari
|
Posted - 2009.10.23 05:29:00 -
[232]
Browser works great...except a couple things:
1) The initial white screen (blank page) is blinding at times. Can this be changed?
2)Mouse-overs don't work at all (xkcd is a perfect example to test against).
3) When browsing to a page without a title for the page, the browser retains the previous page's title instead of saying something like "No title".
4) Flash is now disabled when it was enabled before (put it back CCP!)
5) Hovering over a link doesn't show where it goes in the status bar like it does for normal browsers.
6) "View Source" has very bright colors...intended? I hope not...
That's all for now. On another note, I also have an annoying sig.
inaftertimeflux |
Risingson
Mezzanine Inc
|
Posted - 2009.10.23 10:57:00 -
[233]
Another request from my side regarding smooth graphic integration alongside eve-ui (transparent background requested before) would be to be able to use eve-ui font (ttf somehow available clientside for css?) also buttons, form fields and scrollbars being eve-ui lookalikes would enhance ingame site experience on the design side. ty // http://eve.databased.at |
Sky Grunthor
Minmatar Conflagration. Wildly Inappropriate.
|
Posted - 2009.10.23 16:12:00 -
[234]
Originally by: Lumy Good stuff about JSON
I agree, JSON would be a much better method of interfacing for 3rd party devs, however, I think for the devs it creates more problems than it solves for 3rd party devs.
The JSON object that is passed in still needs to be converted to something internally understandable and acted upon and the types of information that is being passed back and forth seem to be simple data types like strings, numbers and booleans. JSON is a non simple type, it is an object. So that object needs to be simplified, parsed and acted upon. From a CCP perspective there is no benefit in a JSON format over a DNA string format because both require parsing and the JSON requires MORE parsing logic than the DNA string.
However your right, JSON is a much more friendly format for the javascript world and it would be wonderful if CCP would support JSON interaction between the client and IGB. ------------------------------------------------- Search: Sky Grunthor |
Sasha J
Caldari Kumovi Sons of Tangra
|
Posted - 2009.10.23 18:24:00 -
[235]
Originally by: Sky Grunthor
Originally by: Lumy Good stuff about JSON
I agree, JSON would be a much better method of interfacing for 3rd party devs, however, I think for the devs it creates more problems than it solves for 3rd party devs.
The JSON object that is passed in still needs to be converted to something internally understandable and acted upon and the types of information that is being passed back and forth seem to be simple data types like strings, numbers and booleans. JSON is a non simple type, it is an object. So that object needs to be simplified, parsed and acted upon. From a CCP perspective there is no benefit in a JSON format over a DNA string format because both require parsing and the JSON requires MORE parsing logic than the DNA string.
However your right, JSON is a much more friendly format for the javascript world and it would be wonderful if CCP would support JSON interaction between the client and IGB.
Main point of JS IGB methods (DB dumps and API's) is to make writing 3th party software easy. CCP did great job so far, dumps are OK (but LP-store items are missing), API's are great (REST-alike, not SOAP, but personal/corp contract API's are really needed). IGB is great change so far.
JSON is not Object! It's object notation. Google it. It's made for JS but now it's supported by all modern languages for web development. You can see it as string. I don't think that using JSON is a lot more work for CCP, makes no sense. Only reason that ShipDNA is implemented is that you made page on evelopedia and they took it as granted.
Benefit from JSON is not only on JS side. It's a string that can be send to a webpage using AJAX and server side can easily make own objects from JSON data. I made workins ruby on rails demonstration few 'forum pages' ago. It's great if you do object-oriented stuff.
JSON is standard. Both google and yahoo offer JSON as feeds or webservices.
Other thing is inter-compatibility. JSON can be transferred between applications no mater what programming language is used.
JSON is subset of YAML. It's human-readable data seralisation and if CCP implents it for fittings and also adds ship/module/drone name, it can be used for forum post with fittings like posts on SHC (think of EFT format).
|
Sky Grunthor
Minmatar Conflagration. Wildly Inappropriate.
|
Posted - 2009.10.23 19:48:00 -
[236]
Originally by: Sasha J
Main point of JS IGB methods (DB dumps and API's) is to make writing 3th party software easy. CCP did great job so far, dumps are OK (but LP-store items are missing), API's are great (REST-alike, not SOAP, but personal/corp contract API's are really needed). IGB is great change so far.
JSON is not Object! It's object notation. Google it. It's made for JS but now it's supported by all modern languages for web development. You can see it as string. I don't think that using JSON is a lot more work for CCP, makes no sense. Only reason that ShipDNA is implemented is that you made page on evelopedia and they took it as granted.
Benefit from JSON is not only on JS side. It's a string that can be send to a webpage using AJAX and server side can easily make own objects from JSON data. I made workins ruby on rails demonstration few 'forum pages' ago. It's great if you do object-oriented stuff.
JSON is standard. Both google and yahoo offer JSON as feeds or webservices.
Other thing is inter-compatibility. JSON can be transferred between applications no mater what programming language is used.
JSON is subset of YAML. It's human-readable data seralisation and if CCP implents it for fittings and also adds ship/module/drone name, it can be used for forum post with fittings like posts on SHC (think of EFT format).
dude, take a chill pill.
1) I did not make it up. I LEARNED about the Ship DNA string format about 10 months ago from MrCue over at BattleClinic. It is not something I chose for CCP or anything, It is something I recognized that they did.
2) yes JSON is object notation, I am a professional web developer and use JSON quite often within my web apps. Sorry for the adding that bit of confusion.
3) JSON is a more sophisticated string representation, and as such it IS harder to parse accurately. However I will grant that it is not "a lot more work" ... no I take that back.
4) When used in the way that is proposed, it is no longer just object notation, it is now an object that is being passed.
JSON is used to create an object in javascript, it is NOT used to create one in python to my knowledge and wouldn't be safe to do so even if I'm wrong and it is supported natively somehow. So far all examples given by JSON proponents have showed the creation of an object. Given that it is passed into the client as an OBJECT what happens when there is a notation difference or addition. What happens when "hi" is hi in one object and HighSlot in another. Or what happens when there are methods and other information attached to that object or declared in the JSON that created that object. How does CCP control the input in such a way that it minimizes the possibility for error or hacking?
The Ship DNA string is simple, hard to make exploitable or find hacks with and small in size. It is also easy to construct from an object as well and doesn't require the web app or anything to have knowledge of hi, lows, meds etc. Furthermore it is easy to retrieve or share via url strings which in my opinion is a great enabler for actually doing things between web applications.
On top of that, it is already used within the EVE community prior to CCP making use of it. Again I did not come up with it, or devise it, I merely recognized the structure and put a wiki page up to describe it. I may even have the information on that page wrong because I did not create the format or define it.
/rant
oh, Main point of the DB dumps and IGB methods and such is not to make web dev easy for us, its to make it possible for us. Its an enabler. ------------------------------------------------- Search: Sky Grunthor |
Sky Grunthor
Minmatar Conflagration. Wildly Inappropriate.
|
Posted - 2009.10.23 20:03:00 -
[237]
Originally by: Sky Grunthor dude, take a chill pill.
I should probably listen to my own advice. ------------------------------------------------- Search: Sky Grunthor |
Miss Moonwych
Formedian Shadows
|
Posted - 2009.10.24 05:52:00 -
[238]
Originally by: CCP Nimbus Those of you who are seeing crashes, it would be really helpful if you could bug report them and then link the bug reports in here. This is looking likely to be an issue related to your hardware setup, so if you could include that sort of information we would be super grateful.
I've got all the files and information (screenshots, dxdiag, dumpfile, logserverfile) regarding this bug. But https://bugs.eve-online.com/mybugreports.asp is not working. I get "Application Error: Unable to connect to Database".
Will try later, but can somebody take a look at that?
Regards,
M.M.
|
Sasha J
Caldari Kumovi Sons of Tangra
|
Posted - 2009.10.24 07:54:00 -
[239]
Originally by: Sky Grunthor Edited by: Sky Grunthor on 23/10/2009 19:59:07 dude, take a chill pill.
Pill taken. My intention in not to start fight, but things like 'JSON is object makes me think that you are writing about something you never used or have knowledge about. Sorry about that.
Originally by: Sky Grunthor 1) I did not make it up. I LEARNED about the Ship DNA string format about 10 months ago from MrCue over at BattleClinic.
Sorry, my bad. Wrong assumption.
Originally by: Sky Grunthor 4) When used in the way that is proposed, it is no longer just object notation, it is now an object that is being passed.
For CCP it's a string. You give or receive string using IGB JS methods. That we make objects from that string is outside of CCP scope. They have choice to parse it as a string (similar to ShipDNA) or make object from JSON data.
Originally by: Sky Grunthor JSON is used to create an object in javascript, it is NOT used to create one in python to my knowledge and wouldn't be safe to do so even if I'm wrong and it is supported natively somehow. So far all examples given by JSON proponents have showed the creation of an object. Given that it is passed into the client as an OBJECT what happens when there is a notation difference or addition. What happens when "hi" is hi in one object and HighSlot in another. Or what happens when there are methods and other information attached to that object or declared in the JSON that created that object. How does CCP control the input in such a way that it minimizes the possibility for error or hacking?
The Ship DNA string is simple, hard to make exploitable or find hacks with and small in size. It is also easy to construct from an object as well and doesn't require the web app or anything to have knowledge of hi, lows, meds etc. Furthermore it is easy to retrieve or share via url strings which in my opinion is a great enabler for actually doing things between web applications.
I don't have knowledge of Python, but google search result makes clear that's possible. In languages that i use like (Ruby/Java) or used to use (Perl, PHP) difference in mapping like a "hi" and "highSlot" is easy to solve (one line of code in Ruby). For CCP it's a string. Parsing {ship:12345;high:{item:34567;count:4}} is a bit harder then ShipDNA (if they parse it as a string) but still about the same. You can also pass JSON in URL: http://localhost/ship?data={ship:12345;high:{item:34567;count:4}}. Not a single character needs to be escaped. Security issues when used in URL are same as with ShipDNA. I'm failing to so see security benefits. ShipDNA is shorter, but even with 8 different modules on all 3 slots and different drones it will be less then 1024 chars limit.
Originally by: Sky Grunthor sorry you made me a little angry with some of your remarks. but all that said, I do think JSON would be a better implementation except for one thing, using the URL to pass the fit.
See above, it can be used in URL. My intention is not to flame and blame, i just want same thing as all of us in this thread: give our input to CCP so next IGB becomes great thing.
|
Catari Taga
Centre Of Attention Rough Necks
|
Posted - 2009.10.24 12:50:00 -
[240]
The wiki now says:
Originally by: evelopedia Note 2: There are actually many different type IDs for various types of station. However, for the purposes of the showInfo command, you should pass in type ID 3867, which we will detect and automatically convert to the appropriate type ID for you.
I have a question about the bolded "should". Is there any advantage in using a generic typeID over the actual typeID other than a supposed convenience for the web developer (it actually makes it more complicated)? If yes, what is the advantage or what will it be?
And since the bug reporting site is down again:
The view source command cannot handle dynamic pages, it only shows the source of the page as it looked when you loaded that URL for the first time, if you later POST data to that URL (e.g. you send a login) which reloads the page with different content you cannot show the source of that content. If you use HTTP GET the correct source is shown since it is recognized as a different URL.
|
|
|
|
|
Pages: 1 2 3 4 5 6 7 [8] 9 10 11 .. 11 :: one page |
First page | Previous page | Next page | Last page |