open All Channels
seplocked EVE Information Portal
blankseplocked The API Dev Blog Trilogy - Volume Three
 
This thread is older than 90 days and has been locked due to inactivity.


 
Pages: 1 2 [3]

Author Topic

Grendell
Technologies Unlimited
Posted - 2010.10.13 16:37:00 - [61]
 

Originally by: CCP Prism X

Reading mail bodies has been a highly requested feature for quite some time and it's removal is not really an option.


Well then why not delay it until you can actually give multiple access levels. As it stands now there is already a lack of options on security for API access, and you want to add more?

Surely those who waited to have this mail API feature can wait just a little longer for it to actually be implemented properly with adequate access restrictions. This is not a desperately needed feature by any stretch.

Basically you're giving people a shinny feature and adding more security issues to an already existing problem. Access restrictions is far more relevant and demanded then API mail. There is a very large amount of businesses, corporations and services that require using API. You are basically giving them all the potential to do some very serious damage.

You're opening up a can of worms with launching this before adding adequate access restrictions.

Astroasia
Posted - 2010.10.13 19:19:00 - [62]
 

If you know it will cause problems and you know what those problems are, why are you releasing it without fixing them first?

CCP failure to use logic. Bravo you are the new Microsoft. Can you re-name this patch to Vista?

Lost Hamster
Hamster Holding Corp
Posted - 2010.10.14 21:12:00 - [63]
 

Originally by: Grendell

Basically you're giving people a shinny feature and adding more security issues to an already existing problem. Access restrictions is far more relevant and demanded then API mail. There is a very large amount of businesses, corporations and services that require using API. You are basically giving them all the potential to do some very serious damage.



I guess after the implementation, we can expect that various groups will start to hack killboards. And why? It's easy: to get access to FULL API key.
With that they get access to the private mail, of corporation directors, CEOs. A really nice way to do espionage.

Max Cetera
Capital Researchs Inc.
Posted - 2010.10.20 16:46:00 - [64]
 

Originally by: Lost Hamster

I guess after the implementation, we can expect that various groups will start to hack killboards. And why? It's easy


Then maybe people should stop using fail software on fail servers with fail admins. Or getting randoms to host their stuff.

And about API, any chance we could disable calls individually ? It seems technically doable at least (and not memory/processing heavy)

CCP Prism X


Gallente
C C P
C C P Alliance
Posted - 2010.10.21 17:20:00 - [65]
 

Originally by: Max Cetera
And about API, any chance we could disable calls individually ? It seems technically doable at least (and not memory/processing heavy)


That is what people mean by granular/customizable keys and we do recognize the need for them. It's at the top of the Tech Debt list now that the caching has been ameliorated. Hopefully we will find time for it in the nearest possible future and will be able to present you with an awesome new API key schema with Incarna.

As always these are just my musings and are quite conditional to the whims of external pressures, so I cannot promise anything at this stage. Wink

Hel O'Ween
Men On A Mission
EVE Trade Consortium
Posted - 2010.10.22 16:31:00 - [66]
 

Originally by: CCP Prism X

That is what people mean by granular/customizable keys and we do recognize the need for them. It's at the top of the Tech Debt list now that the caching has been ameliorated. Hopefully we will find time for it in the nearest possible future and will be able to present you with an awesome new API key schema with Incarna.



Good news, Prism X, very good news! Smile

Mashie Saldana
Minmatar
Veto Corp
Posted - 2010.10.22 18:34:00 - [67]
 

Would it be possible to have the new features like character birth date and total login time in the limited key as well?

Catari Taga
Centre Of Attention
Middle of Nowhere
Posted - 2010.10.23 03:17:00 - [68]
 

Originally by: Hel O'Ween
Originally by: CCP Prism X
That is what people mean by granular/customizable keys and we do recognize the need for them. It's at the top of the Tech Debt list now that the caching has been ameliorated. Hopefully we will find time for it in the nearest possible future and will be able to present you with an awesome new API key schema with Incarna.



Good news, Prism X, very good news! Smile

indeed, sounds good!

Originally by: Mashie Saldana
Would it be possible to have the new features like character birth date and total login time in the limited key as well?

first one is already limited key and wtf do you want with the second one? (no!)

Mashie Saldana
Minmatar
Veto Corp
Posted - 2010.10.23 14:53:00 - [69]
 

Originally by: Catari Taga
first one is already limited key and wtf do you want with the second one? (no!)


Shiny stats mainly as people are more likely to share the limited key than the full key.

Don Kartel
Posted - 2010.10.23 17:49:00 - [70]
 

what would be really nice to see is character history - i.e. the characters account history so you can see if a character has been tranfered from another account at any point. Very handy for account security audits which most corps do these days when someone trys to apply to join them.




Rampoulina
Posted - 2010.10.27 11:49:00 - [71]
 

I have been building an application using the new API call provided on http://apitest.eve-online.com, more precisely to fetch mail headers (http://apitest.eve-online.com/char/MailMessages.xml.aspx)

The call returns headers up until the 6th September (first time I tried the API) but no other mails after this, however my ingame mailbox does contain messages from after the 6th.

Is this normal since it is in testing phase? Should I post mails on Sisi in order to test my application?

Also, the "fromID" parameter works strangely: it will return messages older than the message specified by "fromID". This seems useless, what would be a lot more usefull is to provide messages more recent than "fromID"

PS: I have filled a bug report on this, id:102585.

CCP Prism X


Gallente
C C P
C C P Alliance
Posted - 2010.10.27 15:02:00 - [72]
 

Originally by: Rampoulina
I have been building an application using the new API call provided on http://apitest.eve-online.com, more precisely to fetch mail headers (http://apitest.eve-online.com/char/MailMessages.xml.aspx)

The call returns headers up until the 6th September (first time I tried the API) but no other mails after this, however my ingame mailbox does contain messages from after the 6th.

Is this normal since it is in testing phase? Should I post mails on Sisi in order to test my application?

Also, the "fromID" parameter works strangely: it will return messages older than the message specified by "fromID". This seems useless, what would be a lot more usefull is to provide messages more recent than "fromID"

PS: I have filled a bug report on this, id:102585.


The test API hooks up to SISI, not TQ. Unless someone is sending you mails on SISI no new mails get added so this is completely normal.

The fromID is supplied if you want to search back in time so I'm not sure why you think it is useless. As I see it you'd start off by requesting stuff without a fromID and thus get the most recent mail, then start paging back from the last ID given if you're interested in older mails. There's no going forward until the cache expires, at which point calling again with no fromID will repopulate with any new mails received while the "front page" was cached. Calling the parameter fromID felt very natural as you "then start paging back from the last ID given".

But I'm a developer, not a user. Feel free to elaborate on why this feels unnatural to you.Wink

Ruhige Schmerz
New Eden Scientific Association
Posted - 2010.10.27 18:15:00 - [73]
 

Just got linked here through the newsletter today, whee!

I for one think the "cachedUntil" "fix" is, from a developer standpoint, a horrible idea.

I'm trying to have faith that you guys have considered what is going to happen if all the applications do respect the value, and then every application out there hammers your servers at exactly the same second for data, while they sit "idle" the rest of the time.

Within an hour of first using the API I noticed that the cache state was "lying" to me. For the reasons above, I honestly thought you guys had done this on purpose.

Hopefully you're prepared for the load, and have something in place to spread the cache expiration dates out over time.

Rampoulina
Posted - 2010.10.28 12:55:00 - [74]
 

Thanks for your answer, indeed I understand the usefullness of the fromID now. However, in other cases (most of mine anyway) what happens is this:

- User logs in for the first time on the application
- Application fetchs the latest mails (no added parameters): 50 mails or less added
- (What would be cool:) Every time the user refreshes her mails, a fetch with the latest messageID is made, so the API returns every message with a superior ID.

Otherwise to refresh the mails, we have to make the classic call, and are returned 50 mails, which is more heavy to download and to parse and useless since we already had them.

CCP Prism X


Gallente
C C P
C C P Alliance
Posted - 2010.10.28 13:16:00 - [75]
 

Originally by: Rampoulina
Thanks for your answer, indeed I understand the usefullness of the fromID now. However, in other cases (most of mine anyway) what happens is this:

- User logs in for the first time on the application
- Application fetchs the latest mails (no added parameters): 50 mails or less added
- (What would be cool:) Every time the user refreshes her mails, a fetch with the latest messageID is made, so the API returns every message with a superior ID.

Otherwise to refresh the mails, we have to make the classic call, and are returned 50 mails, which is more heavy to download and to parse and useless since we already had them.


Ah right, now I understand where you are coming from with this! Wink

You wont get any new emails unless the CachedUntil expires of course so you can safe yourself any parsing just by not refreshing the front page until you know the cache has expired. You can also just stop parsing the mails once you get to your latest maxID but that will not help you with avoiding the request of redundant data.

I will make a note of this. It's (most likely) preferable for everybody to have some optional bit to only fetch the refreshed data. It is however not going to happen for Tyrannis 1.2 as I do not like messing with approved release candidates. Tends to introduce more bugs than fix anything. Wink

Rampoulina
Posted - 2010.10.28 14:16:00 - [76]
 

Yes, stoping after finding the latestID while parsing should do it. You can think about adding this kind of params for the KillLog, Wallet etc... if you can Wink. On devices with low bandwith fetching an almost empty file can be a real bonus.

Bael Gar
Posted - 2010.11.02 20:05:00 - [77]
 

Page: http://api.eve-online.com/account/AccountStatus.xml.aspx

do not take into account PLEX payments!

I have two active accounts.
For one paid by real money - API returns correct results.
But for another - paid by PLEXes - API returns date of LAST realmoney payment.




Chruker
Posted - 2010.11.07 10:03:00 - [78]
 

This part:
Quote:
•Standings
◦Now only report NPC standings as contact pages have replaced player based standings.



Also seems to hide the following change to the structure of the xml:
Quote:

<result>
<standingsTo>
<rowset name="characters" key="toID" columns="toID,toName,standing" />
<rowset name="corporations" key="toID" columns="toID,toName,standing" />
</standingsTo>
<standingsFrom>
<rowset name="agents" key="fromID" columns="fromID,fromName,standing">
<row fromID="3018672" fromName="Vari Satilela" standing="10.00" />
</rowset>
<rowset name="NPCCorporations" key="fromID" columns="fromID,fromName,standing" />
<rowset name="factions" key="fromID" columns="fromID,fromName,standing" />
</standingsFrom>
</result>



to

Quote:

<result>
<characterNPCStandings>
<rowset name="agents" key="fromID" columns="fromID,fromName,standing">
<row fromID="3018672" fromName="Vari Satilela" standing="10.00" />
</rowset>
<rowset name="NPCCorporations" key="fromID" columns="fromID,fromName,standing" />
<rowset name="factions" key="fromID" columns="fromID,fromName,standing" />
</characterNPCStandings>
</result>



Notice the change from standingsFrom to characterNPCstandings


Pages: 1 2 [3]

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only