open All Channels
seplocked EVE Information Portal
blankseplocked New Dev Blog: In-game Browser new functions
 
This thread is older than 90 days and has been locked due to inactivity.


 
Pages: [1] 2 3

Author Topic

CCP Fallout

Posted - 2011.03.31 13:00:00 - [1]
 

Changes are afoot with our in-game browser, and CCP Orion's newest dev blog gives us the scoop. Read all about the new functions currently being tested on Singularity here.

Jamaican Herbsman
I Love You Mary Jane
Posted - 2011.03.31 13:06:00 - [2]
 

again first

Technobabble to me

Insert Your Name
Posted - 2011.03.31 13:15:00 - [3]
 

oO

Patient 2428190
DEGRREE'Fo'FREE Internet Business School
Posted - 2011.03.31 13:37:00 - [4]
 

So I could make a webpage that would contract all your stuff to me?

Ms Michigan
Gallente
Aviation Professionals for EVE
Fusion Alliance
Posted - 2011.03.31 13:48:00 - [5]
 

Originally by: Patient 2428190
So I could make a webpage that would contract all your stuff to me?


Yeah that was exactly my thought too. Or give them all my money.

I am no computer sci genious (all this IGB trusted stuff is new to me) but my first experience with this was the other day with the website staticmapper.com. You can trust it and it will share the anomolie bookmarks with your corp in a wormhole or solar system.

I had NO idea websites could pull data from the user unless it was inputted (besides seeing your IP address). Not sure I am liking this. It is ok if you trust the place but don't accidentally do it. YIPES

Master Gotama
Posted - 2011.03.31 13:57:00 - [6]
 

FYI, not every eve player is a web developer. have no idea what this means or why i should be excited. but i guess that may have been the point, heh.

Jowen Datloran
Caldari
Science and Trade Institute
Posted - 2011.03.31 14:01:00 - [7]
 

Am I spotting a potential risk of "trusting" a website due to beeing offered some usabale functionality while the website use the same access to pull other information/do other tricks?

Arkady Sadik
Minmatar
Electus Matari
Posted - 2011.03.31 14:04:00 - [8]
 

Thank you!

It would be really nifty (for automated address book updates) to have a javascript function that adds a contact fully, with tags etc. So something like


CCPEVE.addContact(12345678, +10, ['Diplomat']);

Razin
The xDEATHx Squadron
Legion of xXDEATHXx
Posted - 2011.03.31 14:08:00 - [9]
 

All cool stuff I'm sure!

But when is the IGB going to start behaving a little more like a regular browser? Like having a text search function, or keeping the vertical location on a page when using the "back" or "forward" functions? Would also be nice to be able to organize the links with sub-folders and the sorting options.

Oh yeah, and matching the IGB scroll bars with the rest of in-game UI would be great.

Martc
Aliastra
Posted - 2011.03.31 14:28:00 - [10]
 

I see big security issue. Should be more trust levels, one for not harmful function and second for rest. I dont want to see my route planner sending email or selling my items.

Internet Knight
The Kobayashi Maru
Posted - 2011.03.31 14:30:00 - [11]
 

Edited by: Internet Knight on 31/03/2011 14:30:52
Nice devblog about tech stuff. I like tech stuff.

I think it's funny that we're talking about web stuff but Orion (or, whoever runs the blogs?) doesn't know how to summarize a blog for the blog list.

Funny indeed.

Also, cookies. I like cookies. Coconut oatmeal are my favorite.

andeira
Posted - 2011.03.31 14:36:00 - [12]
 

So if I understand this correctly I can make a website and get some idiot to accept it as a trusted site and then I can make this site contract all his **** to me trough javascript?

If I can do this I will love you forever

Turelus
Caldari Independent Navy Reserve
Posted - 2011.03.31 14:39:00 - [13]
 

I have no idea what any of that means :P

IBC

CCP Orion

Posted - 2011.03.31 14:54:00 - [14]
 

Originally by: andeira
So if I understand this correctly I can make a website and get some idiot to accept it as a trusted site and then I can make this site contract all his **** to me trough javascript?

If I can do this I will love you forever


Well, sorry to disappoint you, but no Wink. The IGB is only a substite/enhancement to the current menu system. The createContract function for example only opens the contract dialog with the specified items and type pre-selected.

Callic Veratar
Posted - 2011.03.31 14:56:00 - [15]
 

I'm still hoping for Middle Click to open a new tab. The lack of that feature makes me sad.

Galen Kamari
Gallente
Pelican.
Atlas.
Posted - 2011.03.31 15:21:00 - [16]
 

Edited by: Galen Kamari on 31/03/2011 17:10:03
Originally by: Patient 2428190
So I could make a webpage that would contract all your stuff to me?

I haven't had time to play with it yet since Fanfest, but as I recall the contract panel is still displayed: it's not an entirely automated process, there's just a little less clicking.

Originally by: Ms Michigan
Yeah that was exactly my thought too. Or give them all my money.

The money transfer idea was floated during a Dev Track session but not confirmed. There were some hesitations about it, but I'm sure it too would still require confirmation just as if you'd opened the window yourself. The scripted route would just save you the trouble of finding the person/corp in question through People & Places (or whatever).

Originally by: Ms Michigan
I had NO idea websites could pull data from the user unless it was inputted (besides seeing your IP address).

Without entering your API key, there's very little information that can be gleaned about a player from the API. Just the basics. Trusting a website doesn't give a site a great deal more, though it will expose where you are and what type of ship you're flying with these updates; the former can be found with locator agents anyway.

Originally by: Jowen Datloran
Am I spotting a potential risk of "trusting" a website due to beeing offered some usabale functionality while the website use the same access to pull other information/do other tricks?

The list of exposed information is listed in the Dev Blog, and giving out your API key isn't trivial unless you don't read anything on that page.

Originally by: Razin
But when is the IGB going to start behaving a little more like a regular browser? Like having a text search function, or keeping the vertical location on a page when using the "back" or "forward" functions? Would also be nice to be able to organize the links with sub-folders and the sorting options.

Oh yeah, and matching the IGB scroll bars with the rest of in-game UI would be great.

The version of Chromium is going to be updated which might well introduce those features: I'm not familiar with the engine myself. As for UI matching, there were some interesting ideas around skinning floated around at Fanfest, so things of that nature have been discussed.

Originally by: Martc
I see big security issue. Should be more trust levels, one for not harmful function and second for rest. I dont want to see my route planner sending email or selling my items.

Plans for customised access levels, including time-limited keys, were emphasised (as already announced in a previous blog).

Pallaxia
Posted - 2011.03.31 15:42:00 - [17]
 

Very nice. Session-change callback, please?

Somerset Mahm
Somer's Omnibus Exploration and Reclamation
Cognitive Distortion
Posted - 2011.03.31 15:43:00 - [18]
 

Edited by: Somerset Mahm on 31/03/2011 16:01:29
Some great steps forward, such as auto-populating a mail. That saves me quite a lot of time.

Would love to see the aforementioned Give Money function (.giveMoney(amount, charID, reason=None)) that pre-pops that window. Would need to prevent it from being fired without a manual interaction (like a button click) probably.

I'd also hope for a couple enhancements on the new functions:

addContact(charID, standing=None, note=None) # let standing be set immediately
addContacts([charIDs], standing=None, note=None) # allows for bulk adding of contacts

createContract(contractType, charID=None, station=None, itemIDs=None) # allow specification of target character

Two step
Aperture Harmonics
K162
Posted - 2011.03.31 15:44:00 - [19]
 

I would gladly trade all of this new stuff for a give money call. Have it pop up the give money dialog, make sure that cancel is the default, and maybe even make it so the OK button is disabled for 2 seconds. This would save a lot of corps a huge amount of time and effort.

A couple other requests:
1) How about the current ship's fittings in the shipid format in one of the headers?
2) We still really really really need some what of authenticating the IGB headers. This is all doable with some API work, and would be very useful.
3) Any chance we could also get an unique per-account id (not the username) in the headers?

It is great to hear that work is still being done on the IGB, it is a very useful tool.

Sentient Blade
Posted - 2011.03.31 15:57:00 - [20]
 

A few things, based on experience developing integrated websites for other environments, although I haven't looked into EvE's much.

1. Needs a chat shortcut to call functions upon the page, typically this would have a given prefix such as /igb which would invoke onPlayerMessage([object] playerInfo, message).

"/igb note Enemy sighted"

2. The IGB has a bit of a habit of taking up a fair bit of screen real estate, it would be beneficial if the COM class / plugin etc could inject a stream of text into the local (visible only to the player).

CCPEVE.displayLocalMessage("You have received a forum reply from " + post.fromUserName, EVE.Colors.IMPORTANT);

3. Block looks very useful. I am wondering if this would open up the possibility of shared blocked lists? Personally I'd be looking for a one-click mechanism to update my block list with a known list of Jita scammers / spam bots.

4. Invocation of additional events such as onCombatLog, onLocationChanged. I would personally love to have the combat log parsed in real time and graphed to show how much damage I am putting out, who is putting the most damage on me etc.

5. Break the IGB out of the custom rendering and let it be opened up as a separate window so it can be dragged onto another screen. Let multiple windows be opened at once each connected to the same client and provide a way via the CCPEVE plugin to communicate between them without reliant on heavy ajax polling or COMET.

6. How is this data signed to ensure that the headers are valid? Clients have to trust the website but what level of trust should the website put in the client data?

7. A method of opening the skill training list with a list of skills filled in for it, to provide functionality similar to an 'import training queue'. Also add options to poll the current skill queue.

8. Temporary API key access, to allow a trusted website to receive an access token for the player which is valid only for the duration of their current login session, or until they force the IGB to relinquish it, whichever comes sooner. This could potentially include a mechanism for bypassing the call limit while running inside of the IGB as many services would desire immediate updates.

Anyway, that's just a few things off the top of my head.

Somerset Mahm
Somer's Omnibus Exploration and Reclamation
Cognitive Distortion
Posted - 2011.03.31 16:05:00 - [21]
 

Quote:
3) Any chance we could also get an unique per-account id (not the username) in the headers?
It is great to hear that work is still being done on the IGB, it is a very useful tool.

Not good for people that don't want their characters linked.

Not T'amber
Posted - 2011.03.31 16:23:00 - [22]
 

So many oppurtunities for win its making my brain hurt.

Sentient Blade
Posted - 2011.03.31 16:30:00 - [23]
 

Originally by: Somerset Mahm
Quote:
3) Any chance we could also get an unique per-account id (not the username) in the headers?
It is great to hear that work is still being done on the IGB, it is a very useful tool.

Not good for people that don't want their characters linked.


Websites do not exist within the realm of the EvE rules in terms of identity etc. A website owner has the right to deny you as a person access, and if that means banning your entire ID that's just tough.

Also, I'm tired. I think I originally tried to send this message as a report :S my bad. Sorry.

Patient 2428190
DEGRREE'Fo'FREE Internet Business School
Posted - 2011.03.31 16:31:00 - [24]
 

Originally by: CCP Orion
Originally by: andeira
So if I understand this correctly I can make a website and get some idiot to accept it as a trusted site and then I can make this site contract all his **** to me trough javascript?

If I can do this I will love you forever


Well, sorry to disappoint you, but no Wink. The IGB is only a substite/enhancement to the current menu system. The createContract function for example only opens the contract dialog with the specified items and type pre-selected.


Would it be possible to have the createContract to include all possible items?

I can just see the Jita spamming saying "Trust my website, click 5 buttons and win a 1 billion ISK!"

Galen Kamari
Gallente
Pelican.
Atlas.
Posted - 2011.03.31 16:33:00 - [25]
 

Originally by: Sentient Blade
6. How is this data signed to ensure that the headers are valid?

It's not.

Quote:
Clients have to trust the website but what level of trust should the website put in the client data?

None at all. If you want access control, you need another system. The headers should be assumed to be forged.

This question came up in the third Dev Track session, I believe. At least for now, there's no intention of having authentication built-in.

Quote:
8. Temporary API key access, to allow a trusted website to receive an access token for the player which is valid only for the duration of their current login session, or until they force the IGB to relinquish it, whichever comes sooner.

I mentioned this above. One of the new API key system features will be the ability to set a time limit on the validity of the key. For example, this means that you could give a key to your CEO when joining a corp. for the usual initial checks, but it would only last for a day (or whatever you want) so that they don't have permanent access to character data (unless you choose to give it) without having to reset a full or limited key for all uses.

Catari Taga
Centre Of Attention
Middle of Nowhere
Posted - 2011.03.31 16:42:00 - [26]
 

Edited by: Catari Taga on 31/03/2011 16:42:30
Originally by: Arkady Sadik
Thank you!

It would be really nifty (for automated address book updates) to have a javascript function that adds a contact fully, with tags etc. So something like


CCPEVE.addContact(12345678, +10, ['Diplomat']);


Yeah, I already asked for this in the tech labs thread, please do this, and ideally allow passing an array of contacts to that function.

(PS: this is not providing functionality that's missing in the client, this is just working around the horrible client UI)

Krennel Darius
Caldari
EON Solutions
The Laughing Men
Posted - 2011.03.31 17:10:00 - [27]
 

Can we watch videos on it now?

mkmin
Posted - 2011.03.31 17:10:00 - [28]
 

Does anybody else smell "extremely dangerous"? There is no mention of the headers requiring "trusted" status. I don't trust very many sites at all, but if they can slip in some code that takes all your stuff I won't be trusting any sites ever again.

Sounds like it might be time to add CCPBrowser.exe to blacklisted software. :S

Two step
Aperture Harmonics
K162
Posted - 2011.03.31 17:19:00 - [29]
 

Originally by: mkmin
Does anybody else smell "extremely dangerous"? There is no mention of the headers requiring "trusted" status. I don't trust very many sites at all, but if they can slip in some code that takes all your stuff I won't be trusting any sites ever again.

Sounds like it might be time to add CCPBrowser.exe to blacklisted software. :S


*all* IGB specific headers require trust, I don't see why these would be any different.

Somerset Mahm
Somer's Omnibus Exploration and Reclamation
Cognitive Distortion
Posted - 2011.03.31 17:23:00 - [30]
 

Originally by: Sentient Blade
Originally by: Somerset Mahm
Quote:
3) Any chance we could also get an unique per-account id (not the username) in the headers?
It is great to hear that work is still being done on the IGB, it is a very useful tool.

Not good for people that don't want their characters linked.


Websites do not exist within the realm of the EvE rules in terms of identity etc. A website owner has the right to deny you as a person access, and if that means banning your entire ID that's just tough.


Oh, I wouldn't mind it at all as a website operator. But people that use a site with an alt that the website operator can now link to their main because both characters have the same account ID will scream. That's the angle I was looking at it from.


Pages: [1] 2 3

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only