Dragon Basher: JavaScript organization

  Prev 1 2 Next

Posted: 03‑19‑2017 11:29


QuaCzar


Fire Flipper
1803 posts
This is my classification of JavaScript used:
1. Global libraries, such as jQuery, stored in the base web root
2. Custom libraries, holding code for the client, should be kept light in the client or stored in an accessible place like 11-gfx to avoid redundant server code to get around cgi-bin restrictions
3. Custom code that may be edited in 11-gfx folder, or reset from a template
4. Generated code, fed with the client on loading the game, unstored

-QuaCzar : SysOp | P2P Guide | Anarchy Leader | #1 Magic

 


Posted: 03‑19‑2017 15:11


Joe


Fire Flipper
1406 posts
Any thoughts on having the server send the client JavaScript on-the-fly??

I'd like to have the NPC files contain the JavaScript for that NPC, and when a player talks to the NPC the server loads the code (the one on their map), send to the client, and then execute it.

The sysop script could then have an editor, so each and every NPC in the game would be custom.

Not my first priority of things to do, but certainly high on the list. Perhaps something for after "enter city".

-Joe

DevTeam Member

 


Posted: 03‑21‑2017 16:00


QuaCzar


Fire Flipper
1803 posts
That would make NPCs more diverse. I like it, as long as only those who can already edit the javascript have access. Allowing others would probably need a code rewriter to avoid bugs or exploitation.

I like code rewriters for specialty applications like this. They don't need to be complicated to be powerful, but it's something else that would need to be planned and added. (It could be added as a module, later.)

I was about to work with the NPC and building code, and I think I could implement this. The javascript could be reformatted, I suppose, to one line of the file, and served on request. NPCs and buildings could use the same system.

I expect we should serve them when we serve the other attributes of the NPCs. If the code is long, though, it could eat up bandwidth if served too often, though caching could probably work.

-QuaCzar : SysOp | P2P Guide | Anarchy Leader | #1 Magic

 


Posted: 03‑21‑2017 16:03


QuaCzar


Fire Flipper
1803 posts
There's another category, which is api settings. This is only edited when server commands are changed. I'm not sure what to do with them, yet, as server commands are used throughout the code.

-QuaCzar : SysOp | P2P Guide | Anarchy Leader | #1 Magic

 


Posted: 03‑21‑2017 19:18


Joe


Fire Flipper
1406 posts
I consider JavaScript to be safe and secure; anything they could program an NPC to do they could just do with address bar injection.

I think we need a size limit of some sort and filter out unsafe character codes, like the 'tide' character that could potentially be used to trigger Perl command line access.

It would fit in with the concept of letting players program the own servers and give them a very powerful tool to do so ... the quest engine could be accessed via standard calls which would give them server access to change one item into another and what not.

We could have a standard library of NPCs and then players could write their own and post them on the forums for others to use.

It shouldn't be hard to code, I would think we just create something like a [div] and insert the code into it when the NPC is called - you are the JavaScript wizard, I only know the basics of it.

Those are my thoughts.

-Joe

DevTeam Member

 


Posted: 04‑04‑2017 21:00


QuaCzar


Fire Flipper
1803 posts
JS is safe for the server. I was thinking of some prankster making an NPC that injects a keylogger, link loader, or some other background cross-site scripting or confusion like changing links into clients. This typically wouldn't amount to much in practice, and the strange code would likely be easy to catch by a JS novice. I just like to avoid such complications.

I think we can go ahead with the raw edit, at least for some editors, and an interface shouldn't be too hard to add on, if needed.

To support more editors, I would probably prefer a simple interface that lets players choose client and server calls and set parameters, and have a simple server module write the script from that. Trusted people could still edit the raw script to try new creative things before they are added to the interface. Though it may be handy for some, if only trusted people edit, such an interface would be unneeded. Raw editing is fine for those editing raw code, already.

For inserting server calls, the chat system has a start. The data it uses could actually be loaded from a server module for use by both client and server, and as a programming reference. Actually, that sounds like a really good idea, anyway. It could be part of the main cgi, as an extension of the module code.

-QuaCzar : SysOp | P2P Guide | Anarchy Leader | #1 Magic

 


  Prev 1 2 Next

Hunt food, smith weapons, and prepare for battle! Can you stop
the Evil Que from taking over the entire game? Browser based multi-player
fantasy role-playing game that requires no downloads or plug-ins! Free to play forever!

By being at queville.com, you agree to our Terms of Service.