User Tag List

Page 1 of 3 1 2 3 LastLast
Results 1 to 10 of 24

Thread: Sitelock for HTML5 games

  1. #1
    Clickteam Clickteam
    Olivier's Avatar
    Join Date
    Jun 2006
    Posts
    3,000
    Mentioned
    9 Post(s)
    Tagged
    1 Thread(s)

    Sitelock for HTML5 games

    The Flash Player object returns the window.location() and window.top.location() via 2 expressions GetDomain and GetWindowDomain. These are Javascript functions. We can use them to check on which domain the game is hosted or embedded, and make our app react accordingly. Like sitelock the app to specific a domain.
    This is especially useful if the developer wishes to sell licenses of his games to sponsors.

    I would like to know if this is possible with HTML5 games too? Can we have the same expressions via the HTML5 object, and would it be secure enough for the casual hacker?
    I know that we can call Javascript functions from the current HTML page and retrieve their result, but surely this isn't a viable solution since someone could simply edit the HTML page.

  2. #2
    Clicker Multimedia Fusion 2 DeveloperiOS Export ModuleSWF Export Module
    Francois's Avatar
    Join Date
    Jul 2006
    Location
    Montpellier, France
    Posts
    6,920
    Mentioned
    1 Post(s)
    Tagged
    1 Thread(s)
    Yes, there are some missing functions in the HTML5 Object.

  3. #3
    Clickteam Clickteam
    Olivier's Avatar
    Join Date
    Jun 2006
    Posts
    3,000
    Mentioned
    9 Post(s)
    Tagged
    1 Thread(s)
    Okay François. I hope to see these expressions implemented for the next build then.

  4. #4
    Clicker Fusion 2.5 DeveloperAndroid Export ModuleHTML5 Export ModuleiOS Export ModuleSWF Export Module
    DracisLooby's Avatar
    Join Date
    Jun 2008
    Location
    Washington, United States
    Posts
    169
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    This is actually pretty easy to do right now,
    It took me a moment to realize , but the HTML5 Object's ability to call JavaScript functions can be used to run arbitrary JavaScript, or just get values right away;

    HTML5 Object->JavaScript->Reset String Parameters;

    HTML5 Object->JavaScript->Add String Parameter: "window.location";

    HTML5 Object->JavaScript->Call Function: "eval";

    Special Conditions->Set Global String->A->HTML5 Object->JavaScript->Get String Result;

    Special Conditions->Compare two general values->(Global String A === 'this.loc')->Do Whatever;

    Tested method, and it works just fine, it might be beneficial to read up on JavaScript, and go through some of the HTML5 Objects to get a better sense on how CTF2.5 utilizes it,
    Makes web app development much easier, and gives a much better sense of what you can do with it.

    I should make a post about the quirks and tricks in the HTML5 runtime I've discovered,
    I've got a couple that might be useful to people, lol.

  5. #5
    Clickteam Clickteam
    Olivier's Avatar
    Join Date
    Jun 2006
    Posts
    3,000
    Mentioned
    9 Post(s)
    Tagged
    1 Thread(s)
    Thnak you very much for your input Ben. Unfortunately after many attempts I was unable to get this to work. I must probably be missing some brackets or double quotes somewhere. Could you please post a quick example of using eval? That way I'll be sure to use the correct syntax.

    I've also did a quick search for eval, and I've read that it wasn't a very good practice.

  6. #6
    Clicker Fusion 2.5 DeveloperAndroid Export ModuleHTML5 Export ModuleiOS Export ModuleSWF Export Module
    DracisLooby's Avatar
    Join Date
    Jun 2008
    Location
    Washington, United States
    Posts
    169
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Sitelock for HTML5 games

    Let me create an example Ina bit,
    In code in would looks like
    Code:
    var ret = eval("window.location");
    And the only thing really bad practice about it is if you let users input into the eval, but honestly, at least for javascript, it's not a big deal at all.

  7. #7
    Clicker Multimedia Fusion 2 DeveloperiOS Export ModuleSWF Export Module
    Francois's Avatar
    Join Date
    Jul 2006
    Location
    Montpellier, France
    Posts
    6,920
    Mentioned
    1 Post(s)
    Tagged
    1 Thread(s)
    If you think about it, the whole Javascript is "bad practice". Everything based on names and strings, no type checking and enforcing, absolute freedom to create awfull crap or brilliantly structured applications. You decide what you want with it, and it will just do it. That is what makes it so incredible and why I love it so much.
    So "eval" is nothing special to me, just another cool feature, and a direct application of the fact that it is an interpretor at the base.

  8. #8
    Clicker Fusion 2.5 DeveloperAndroid Export ModuleHTML5 Export ModuleiOS Export ModuleSWF Export Module
    DracisLooby's Avatar
    Join Date
    Jun 2008
    Location
    Washington, United States
    Posts
    169
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Eyup, especially since its Client side,
    But when writing PHP, or any other interpreted SERVER side language, is when eval-equilivants becomes hazardous.

  9. #9
    Clickteam Clickteam
    Olivier's Avatar
    Join Date
    Jun 2006
    Posts
    3,000
    Mentioned
    9 Post(s)
    Tagged
    1 Thread(s)
    Seems like I was using an incorrect syntax. It works if I use "window.location.hostname" and "window.top.location.hostname".

    If I access the HTML5 app hosted at "oliverpearl.com", both functions return the exact same string "oliverpearl.com" which is the expected result.

    Now I access a page hosted on "anotherdomain.com", which iframes the HTML5 app hosted at "oliverpearl.com". I was expecting that "window.top.location.hostname" would return "anotherdomain.com" or maybe an empty string. Unfortunately it returns "oliverpearl.com".

    I'm trying to prevent iframing of the HTML5 app without success.

  10. #10
    Clicker Fusion 2.5 DeveloperFusion 2.5+ DLCAndroid Export ModuleHTML5 Export ModuleiOS Export ModuleSWF Export Module
    Kimera's Avatar
    Join Date
    Feb 2007
    Location
    Houston, TX
    Posts
    729
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Hey Olivier

    Try this code, it will always put you to the parent frame and it goes in the page you host so nobody can remove it...

    Code:
    <script>
            if(window.self != window.top)
            {
    	     parent.location=("http://your.location.com");
            }
    </script>

Page 1 of 3 1 2 3 LastLast

Similar Threads

  1. HTML5 Games
    By Jeff in forum HTML5 Export Module 2.5
    Replies: 0
    Last Post: 17th January 2014, 02:22 PM
  2. Replies: 0
    Last Post: 1st February 2013, 11:05 AM
  3. How do i sitelock my games? (Specifically Kongrega
    By Jacob_Miller in forum Multimedia Fusion 2 - Technical Support
    Replies: 14
    Last Post: 11th June 2011, 11:31 AM
  4. Can't add sitelock to non-Mochi games
    By JoKa in forum SWF/Flash Export Module Version 2.0
    Replies: 9
    Last Post: 27th May 2011, 02:31 PM
  5. Help with sitelock!
    By Evilized79 in forum SWF/Flash Export Module Version 2.0
    Replies: 21
    Last Post: 13th October 2010, 07:18 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •