Difference between revisions of "LlRequestSecureURL"

From Second Life Wiki
Jump to navigation Jump to search
m
(Add a warning regarding the use of self-issued certificates, and the errors that causes.)
(12 intermediate revisions by 5 users not shown)
Line 1: Line 1:
{{KBwarning|[[llRequestSecureURL]] uses a self-issued certificate, which can cause all kinds of spurious errors. If you are encountering issues, check that your remote is configured to recognize the Linden Lab Certificate Authority. Check the [[#Caveats|Caveats]] section below for details.}}
{{LSL_Function
{{LSL_Function
|func_id=346|func_sleep=0.0|func_energy=10.0
|func_id=346|func_sleep=0.0|func_energy=10.0
|func=llGetFreeURLs|return_type=string
|func=llRequestSecureURL
|return_type=key|return_subtype=handle
|func_footnote
|func_footnote
|func_desc=Requests one HTTPS:// (SSL) url for use by this object. The [[http_server]] event is tiggered with results.
|func_desc=Requests one HTTPS:// (SSL) url for use by this [[object]]. The [[http_request]] [[event]] is tiggered with result of the request. HTTPS-in uses port 12043.
|return_text=that is the handle used for identifying the request in the [[http_server]] event.
|return_text=used for identifying the result of the request in the [[http_request]] [[event]].
|spec
|spec
|caveats
|caveats=*HTTPS-in uses port 12043 (that port is in the URL returned by this method).
*When a region is (re)started all [[http_request|HTTP server]] URLs are automatically released and invalidated.
**Use [[CHANGED_REGION_START]] to detect this so new URL can be requested.
* The server certificate is signed by our own Linden Lab Certificate Authority. In order for your client to validate the server certificate, you will need to download and install our CA certificate and add it to the CA store on your system: you can download it from https://bitbucket.org/lindenlab/llca/raw/master/LindenLab.crt
|constants
|constants
|examples=
|examples=
{{LSL Tip|Never ever forget to release a URL again which you have requested! URLs are region resources just like prims. If you take them all you can get into big trouble with the sim owner and/or estate managers.}}
Requesting a secure URL.
<source lang="lsl2">
string secureUrl;
key urlRequestId;
key selfCheckRequestId;
request_secure_url()
{
    llReleaseURL(secureUrl);
    secureUrl = "";
    urlRequestId = llRequestSecureURL();
}
throw_exception(string inputString)
{
    key owner = llGetOwner();
    llInstantMessage(owner, inputString);
    // yeah, bad way to handle exceptions by restarting.
    // However this is just a demo script...
    llResetScript();
}
default
{
    on_rez(integer start_param)
    {
        llResetScript();
    }
    changed(integer change)
    {
        if (change & (CHANGED_OWNER | CHANGED_INVENTORY))
        {
            llReleaseURL(secureUrl);
            secureUrl = "";
            llResetScript();
        }
        if (change & (CHANGED_REGION | CHANGED_REGION_START | CHANGED_TELEPORT))
            request_secure_url();
    }
    state_entry()
    {
        request_secure_url();
    }
    http_request(key id, string method, string body)
    {
        integer responseStatus = 400;
        string responseBody = "Unsupported method";
        if (method == URL_REQUEST_DENIED)
            throw_exception("The following error occurred while attempting to get a free URL for this device:\n \n" + body);
        else if (method == URL_REQUEST_GRANTED)
        {
            secureUrl = body;
            key owner = llGetOwner();
            llLoadURL(owner, "Click to visit my URL!", secureUrl);
            // check every 5 mins for dropped URL
            llSetTimerEvent(300.0);
        }
        else if (method == "GET")
        {
            responseStatus = 200;
            responseBody = "Hello world!";
        }
        // else if (method == "POST") ...;
        // else if (method == "PUT") ...;
        // else if (method == "DELETE") { responseStatus = 403; responseBody = "forbidden"; }
        llHTTPResponse(id, responseStatus, responseBody);
    }
    http_response(key id, integer status, list metaData, string body)
    {
        if (id == selfCheckRequestId)
        {
            // If you're not usually doing this,
            // now is a good time to get used to doing it!
            selfCheckRequestId = NULL_KEY;
            if (status != 200)
                request_secure_url();
        }
        else if (id == NULL_KEY)
            throw_exception("Too many HTTP requests too fast!");
    }
    timer()
    {
        selfCheckRequestId = llHTTPRequest(secureUrl,
                                [HTTP_METHOD, "GET",
                                    HTTP_VERBOSE_THROTTLE, FALSE,
                                    HTTP_BODY_MAXLENGTH, 16384],
                                "");
    }
}
</source>
|helpers
|helpers
|mode=
|also_functions=
|also_functions=
{{LSL DefineRow||[[llRequestURL]]}}
{{LSL DefineRow||[[llRequestURL]]}}

Revision as of 06:35, 2 July 2022

KBwarning.png Warning: llRequestSecureURL uses a self-issued certificate, which can cause all kinds of spurious errors. If you are encountering issues, check that your remote is configured to recognize the Linden Lab Certificate Authority. Check the Caveats section below for details.

Summary

Function: key llRequestSecureURL( );

Requests one HTTPS:// (SSL) url for use by this object. The http_request event is tiggered with result of the request. HTTPS-in uses port 12043.
Returns a handle (a key) used for identifying the result of the request in the http_request event.

Caveats

  • HTTPS-in uses port 12043 (that port is in the URL returned by this method).
  • When a region is (re)started all HTTP server URLs are automatically released and invalidated.
  • The server certificate is signed by our own Linden Lab Certificate Authority. In order for your client to validate the server certificate, you will need to download and install our CA certificate and add it to the CA store on your system: you can download it from https://bitbucket.org/lindenlab/llca/raw/master/LindenLab.crt
All Issues ~ Search JIRA for related Bugs

Examples

KBcaution.png Important: Never ever forget to release a URL again which you have requested! URLs are region resources just like prims. If you take them all you can get into big trouble with the sim owner and/or estate managers.

Requesting a secure URL. 

string secureUrl;
key urlRequestId;
key selfCheckRequestId;
 
request_secure_url()
{
    llReleaseURL(secureUrl);
    secureUrl = "";
 
    urlRequestId = llRequestSecureURL();
}
 
throw_exception(string inputString)
{
    key owner = llGetOwner();
    llInstantMessage(owner, inputString);
 
    // yeah, bad way to handle exceptions by restarting.
    // However this is just a demo script...
 
    llResetScript();
}
 
default
{
    on_rez(integer start_param)
    {
        llResetScript();
    }
 
    changed(integer change)
    {
        if (change & (CHANGED_OWNER | CHANGED_INVENTORY))
        {
            llReleaseURL(secureUrl);
            secureUrl = "";
 
            llResetScript();
        }
 
        if (change & (CHANGED_REGION | CHANGED_REGION_START | CHANGED_TELEPORT))
            request_secure_url();
    }
 
    state_entry()
    {
        request_secure_url();
    }
 
    http_request(key id, string method, string body)
    {
        integer responseStatus = 400;
        string responseBody = "Unsupported method";
 
        if (method == URL_REQUEST_DENIED)
            throw_exception("The following error occurred while attempting to get a free URL for this device:\n \n" + body);
 
        else if (method == URL_REQUEST_GRANTED)
        {
            secureUrl = body;
            key owner = llGetOwner();
            llLoadURL(owner, "Click to visit my URL!", secureUrl);
 
            // check every 5 mins for dropped URL
            llSetTimerEvent(300.0);
        }
        else if (method == "GET")
        {
            responseStatus = 200;
            responseBody = "Hello world!";
        }
        // else if (method == "POST") ...;
        // else if (method == "PUT") ...;
        // else if (method == "DELETE") { responseStatus = 403; responseBody = "forbidden"; }
 
        llHTTPResponse(id, responseStatus, responseBody);
    }
 
    http_response(key id, integer status, list metaData, string body)
    {
        if (id == selfCheckRequestId)
        {
            // If you're not usually doing this,
            // now is a good time to get used to doing it!
            selfCheckRequestId = NULL_KEY;
 
            if (status != 200)
                request_secure_url();
        }
 
        else if (id == NULL_KEY)
            throw_exception("Too many HTTP requests too fast!");
    }
 
    timer()
    {
        selfCheckRequestId = llHTTPRequest(secureUrl,
                                [HTTP_METHOD, "GET",
                                    HTTP_VERBOSE_THROTTLE, FALSE,
                                    HTTP_BODY_MAXLENGTH, 16384],
                                "");
    }
}

See Also

Functions

•  llRequestURL
•  llGetFreeURLs
•  llReleaseURL
•  llHTTPResponse
•  llGetHTTPHeader

Articles

•  LSL http server

Deep Notes

History

Search JIRA for related Issues

Signature

function key llRequestSecureURL();
Retrieved from "https://wiki.secondlife.com/w/index.php?title=LlRequestSecureURL&oldid=1210885"