799 posts
Location
Land of Meh
Posted 20 January 2013 - 09:04 AM
Hey,
I was wondering if it would be possible at all to send the HTTP requests (using the http.post, get and request methods) from the client's IP address instead of the server's, when playing on a multiplayer server? This would be super useful when sending requests to PHP scripts on a web server.
It would allow you to limit accounts created to 1 per IP address, as you wouldn't have to worry about limiting/blocking everyone on the server. Also it would allow you to properly rate limit IP addresses, as you would only be affecting 1 person, not everyone on a server.
Thanks!
2447 posts
Posted 20 January 2013 - 09:06 AM
Nope, not possible I'm afraid. How would the server know what client to use if more than one person in the GUI?
799 posts
Location
Land of Meh
Posted 20 January 2013 - 09:09 AM
Nope, not possible I'm afraid. How would the server know what client to use if more than one person in the GUI?
Ah damn. I see your point.
Ok thanks :P/>
123 posts
Posted 24 January 2013 - 08:50 PM
Also, it becomes a security risk (not that servers where people who would do risky things are on should have HTTP enabled in the first place).
808 posts
Posted 02 February 2013 - 05:00 PM
Also, it becomes a security risk (not that servers where people who would do risky things are on should have HTTP enabled in the first place).
Maybe I just don't know enough, but I'm pretty sure that HTTP is pretty secure. You send text, you get text. Nothing is forcefully executed and if it were, in the case of computercraft it'd be within the sandbox of the computer, which is strict enough to be zero threat.
474 posts
Posted 02 February 2013 - 05:09 PM
Also, it becomes a security risk (not that servers where people who would do risky things are on should have HTTP enabled in the first place).
Maybe I just don't know enough, but I'm pretty sure that HTTP is pretty secure. You send text, you get text. Nothing is forcefully executed and if it were, in the case of computercraft it'd be within the sandbox of the computer, which is strict enough to be zero threat.
I think he means being able to get the client's IP.
497 posts
Location
The Big Apple, NY
Posted 02 February 2013 - 05:43 PM
What/who are you worried about getting your IP? the server…no they have it. The website…no they have it. Pretty much anywhere you go online has ur ip…
997 posts
Location
Wellington, New Zealand
Posted 02 February 2013 - 06:13 PM
Also, it becomes a security risk (not that servers where people who would do risky things are on should have HTTP enabled in the first place).
Maybe I just don't know enough, but I'm pretty sure that HTTP is pretty secure. You send text, you get text. Nothing is forcefully executed and if it were, in the case of computercraft it'd be within the sandbox of the computer, which is strict enough to be zero threat.
I think he means being able to get the client's IP.
* Send request to facebook.com from the client's IP.
* Get the client's facebook page.
(or replace facebook.com by some site that uses IPs for authentication (which is a bad idea but it happens))
Or even:
* Send request to 192.168.1.254
* Muck with client's router's settings.