LlRequestSecureURL: Difference between revisions

From Second Life Wiki
Jump to navigation Jump to search
← Older edit
Peter Stindberg (talk | contribs)
helpers
199 edits
Someone more knowledgable please rephrase this. New certificates as of Spring 2025.
Gwyneth Llewelyn (talk | contribs)
helpers
3,004 edits
m Removed the warning & information regarding the self-signed certificate, since LL already replaced it with a bona-fide one
 
Line 1: Line 1:
{{KBwarning|[[llRequestSecureURL]] uses a self-issued certificate, which can cause all kinds of spurious errors. If you are encountering issues, check that your remote is configured to recognize the Linden Lab Certificate Authority. Check the [[#Caveats|Caveats]] section below for details.}}
{{LSL_Function
{{LSL_Function
|func_id=346|func_sleep=0.0|func_energy=10.0
|func_id=346|func_sleep=0.0|func_energy=10.0
Line 11: Line 10:
*When a [[region]] is (re)started all [[http_request|HTTP server]] URLs are automatically released and invalidated.
*When a [[region]] is (re)started all [[http_request|HTTP server]] URLs are automatically released and invalidated.
**Use [[CHANGED_REGION_START]] to detect this so a new URL can be requested.
**Use [[CHANGED_REGION_START]] to detect this so a new URL can be requested.
* The {{Wikipedia|Public key certificate|server certificate}} is {{Wikipedia|Self-signed certificate|signed}} by our own Linden Lab {{Wikipedia|Certificate Authority}}. In order for your [[Second Life Viewer|client]] to validate the server certificate, you will need to download and install our CA certificate and add it to the CA store on your system: you can download it from https://raw.githubusercontent.com/secondlife/llca/master/LindenLab.crt<ref>Note that Linden Lab has moved from the old BitBucket repository to GitHub; the link is to the [https://github.com/secondlife/llca new official repository].</ref>
* As of Spring 2025, new certificate handling is being rolled out. This might change the whole process. See https://community.secondlife.com/forums/topic/521090-grid-ssl-cert-updates-coming-soon/
|constants
|constants
|examples=
|examples=

Latest revision as of 12:53, 20 May 2025

Summary

Function: key llRequestSecureURL( );
0.0 Forced Delay
10.0 Energy

Requests one HTTPS:// ("Wikipedia logo"SSL) "Wikipedia logo"URL for use by this object. The http_request event is triggered with result of the request. HTTPS-in uses port 12043.
Returns a handle (a key) used for identifying the result of the request in the http_request event.

Caveats

  • HTTPS-in uses port 12043 (that port is in the URL returned by this method).
  • When a region is (re)started all HTTP server URLs are automatically released and invalidated.

Examples

Important: Never ever forget to release a URL again which you have requested! URLs are region resources just like prims. If you take them all you can get into big trouble with the region owner and/or estate managers.

Requesting a secure URL: 

string secureUrl;
key urlRequestId;
key selfCheckRequestId;
 
request_secure_url()
{
    llReleaseURL(secureUrl);
    secureUrl = "";
 
    urlRequestId = llRequestSecureURL();
}
 
throw_exception(string inputString)
{
    key owner = llGetOwner();
    llInstantMessage(owner, inputString);
 
    // yeah, bad way to handle exceptions by restarting.
    // However this is just a demo script...
 
    llResetScript();
}
 
default
{
    on_rez(integer start_param)
    {
        llResetScript();
    }
 
    changed(integer change)
    {
        if (change & (CHANGED_OWNER | CHANGED_INVENTORY))
        {
            llReleaseURL(secureUrl);
            secureUrl = "";
 
            llResetScript();
        }
 
        if (change & (CHANGED_REGION | CHANGED_REGION_START | CHANGED_TELEPORT))
            request_secure_url();
    }
 
    state_entry()
    {
        request_secure_url();
    }
 
    http_request(key id, string method, string body)
    {
        integer responseStatus = 400;
        string responseBody = "Unsupported method";
 
        if (method == URL_REQUEST_DENIED)
            throw_exception("The following error occurred while attempting to get a free URL for this device:\n \n" + body);
 
        else if (method == URL_REQUEST_GRANTED)
        {
            secureUrl = body;
            key owner = llGetOwner();
            llLoadURL(owner, "Click to visit my URL!", secureUrl);
 
            // check every 5 mins for dropped URL
            llSetTimerEvent(300.0);
        }
        else if (method == "GET")
        {
            responseStatus = 200;
            responseBody = "Hello world!";
        }
        // else if (method == "POST") ...;
        // else if (method == "PUT") ...;
        // else if (method == "DELETE") { responseStatus = 403; responseBody = "forbidden"; }
 
        llHTTPResponse(id, responseStatus, responseBody);
    }
 
    http_response(key id, integer status, list metaData, string body)
    {
        if (id == selfCheckRequestId)
        {
            // If you're not usually doing this,
            // now is a good time to get used to doing it!
            selfCheckRequestId = NULL_KEY;
 
            if (status != 200)
                request_secure_url();
        }
 
        else if (id == NULL_KEY)
            throw_exception("Too many HTTP requests too fast!");
    }
 
    timer()
    {
        selfCheckRequestId = llHTTPRequest(secureUrl,
                                [HTTP_METHOD, "GET",
                                    HTTP_VERBOSE_THROTTLE, FALSE,
                                    HTTP_BODY_MAXLENGTH, 16384],
                                "");
    }
}

See Also

Functions

•  llRequestURL
•  llGetFreeURLs
•  llReleaseURL
•  llHTTPResponse
•  llGetHTTPHeader

Articles

•  LSL http server

Deep Notes

History

Signature

function key llRequestSecureURL();
Retrieved from "https://wiki.secondlife.com/w/index.php?title=LlRequestSecureURL&oldid=1218304"