ID:1816202
 Mar 23 2015, 7:23 am
|
|||||||
| |||||||
Will we ever be able to add webclient games to sites outside of BYOND by adding them some HTML where users will be able to play them there instead for faster access?
| |||||||
|
Mar 23 2015, 7:25 am
|
|
Lummox JR
   |
You can already do that via the iframe embed. It still uses BYOND's login system, but I do have plans to customize this setup so you can simply bypass login and always login as guest.
|
Thanks Lummox
| |
Lummox JR wrote:
You can already do that via the iframe embed. It still uses BYOND's login system, but I do have plans to customize this setup so you can simply bypass login and always login as guest. Since this is somewhat on Topic. Are there plans for including access to Facebook's Canvas's? | |
Ssj4justdale wrote:
Since this is somewhat on Topic. Are there plans for including access to Facebook's Canvas's? http://www.hyperarts.com/blog/ tutorial-add-an-iframe-application-to-your-facebook-fan-page -fall-2012/ You would do it yourself and include canvas + the iframe to your BYOND game/app. Facebook won't allow a non SSL canvas page anyway, BYOND doesn't have any SSL capabilities IIRC. Your best bet is to host your own page with an SSL cert free startssl.com or paid from there as I said above include the game in your page. | |
A.T.H.K wrote:
Ssj4justdale wrote: Thanks, my issue was the whole SSL thing which is why I was curious if BYOND will provide support for it, but thats all the information I needed. Thanks A.T.H.K! | |
Oh, BYOND internally (as in the server) has no SSL support but you could certainly change the "middle" embed. Instead of http://www.byond.com/play/embed/yourip it'd be https://secure.byond.com/play/embed/yourip for the iframe. That ought to work as far as Facebook having rules about SSL, I believe.
The only tricky part is, I'm not sure if a secure page can call an insecure frame--which would be the game itself. | |
Lummox JR wrote:
Oh, BYOND internally (as in the server) has no SSL support but you could certainly change the "middle" embed. Instead of http://www.byond.com/play/embed/yourip it'd be https://secure.byond.com/play/embed/yourip for the iframe. That ought to work as far as Facebook having rules about SSL, I believe. I tried that but it returns on error on facebook's end for calling something. I don't recall what it was though. EDIT: Actually, I forgot to include the secure.*.com part. | |
Hrm, what I'm reading suggests an "insecure" iframe inside a secure one isn't going to work. So that might speak to a need to implement SSL in BYOND, although then you'd need a certificate if you did an embed that way. I'll try to figure out some options. If anyone else has any ideas in the meantime, please do share them.
| |
Lummox JR wrote:
The only tricky part is, I'm not sure if a secure page can call an insecure frame--which would be the game itself. Technically yes it could, but both Chrome and Firefox have really locked down insecure content on secure pages nowadays.. The secure.byond.com URL is the only one you have with SSL enabled right? due to the login form / payments etc. https://secure.byond.com/play/embed/162.251.70.58:592 Chrome - Mixed Content: The page at 'https://secure.byond.com/play/embed/162.251.70.58:592' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://162.251.70.58:592/query'. This request has been blocked; the content must be served over HTTPS. Firefox - Blocked loading mixed active content "http://162.251.70.58:592/query" ..., downloading client"):A();else if(l.match(/^command:/i)){if(l=l.substr(8),n="",... Obvious due to loading insecure content on the page from a completely different URL/IP. Honestly I don't think it's going to be possible in either case, my post above RE Facebook SSL won't work either. https://byondpanel.com/test.html Mixed content issue on Chrome and Firefox. The only way this is ever going to work is if you implement SSL connections in DD. | |
Lummox JR wrote:
If anyone else has any ideas in the meantime, please do share them. Read above :) , you're not going to get around it. SSL certs are cheap and startssl.com is free which works a charm and is accepted by all modern browsers now. | |
Lummox JR wrote:
Hrm, what I'm reading suggests an "insecure" iframe inside a secure one isn't going to work. So that might speak to a need to implement SSL in BYOND, although then you'd need a certificate if you did an embed that way. I'll try to figure out some options. If anyone else has any ideas in the meantime, please do share them. I can get past the error, just IN BYOND the game loads but in Facebook it says the game is not available to play. Edit: From what I noticed, its because Facebook requires the forward slash at the end of the URL. When going to the embed URL on BYOND's website without the forward slash, it loads. If you add the forward slash, it fails to load. | |
Ssj4justdale wrote:
I can get past the error, just IN BYOND the game loads but in Facebook it says the game is not available to play. I can always add something to the parsing to deal with the forward slash issue, so that shouldn't be a problem. I'm more concerned that to work on any SSL site we'd probably need the game itself to run via SSL, which means hosting a virtual SSL server (how this would impact websockets is a mystery to me) and having a certificate. And the latter means you'd probably need to run off a domain. For big games, though, I guess none of those things are an issue as long as we can provide the SSL implementation. Then again, big games hosted on a domain could also just as easily setup an SSL proxy on their own end, so maybe it's moot. | |
Lummox JR wrote:
Might work if you had a reverse proxy with SSL, I'll get back to you on that in a sec. | |
Reverse proxy using Haproxy doesn't seem to work with SSL.
https://secure.flix.link/play/ Same error as https://162.251.70.58:592/play/ Loads with normal http. http://secure.flix.link/play/ Honestly, these are all workarounds that don't seem to be working, it'll probably be best to implement SSL on the servers side, DD. | |
We'll be sure to get this working before the webclient is finalized, since outside publication is one of the main driving forces behind the HTML5 port. At the moment, there are more pressing stability and speed issue though.
It's hard to believe that there isn't a workaround for this right now, since there's really no reason that the end "app" content need to be encrypting in a general sense. How about the solution recommended here? http://www.xethron.co.za/ building-a-facebook-app-on-a-host-without-https-ssl-support/ I also see a number of pages that host "static iframes" (eg https://woobox.com/customtab ) that may offer the same sort of redirect (although I suspect that this is effectively what was tried above and may throw errors). | |
It's not really about Facebook anymore, loading mixed content in a browser (http and https) doesn't play well or work at all anymore. It's either one or the other so loading an iframe on a page with SSL enabled just won't work.
As you can see here - https://flix.link/BYSSLTEST/ Not sure if you can see this either? Pretty much loads the above in FB's canvas. https://apps.facebook.com/danptcomptest/ The only way to fix it concretely is to accept the SSL connection on the webclient/DD, even if you just accept SSL and socket back using http that might work with less effort on your side. I agree it doesn't need to be encrypted at all.. mixed content loading is the issue and you can thank browsers for being so picky.. | |