Jump to content

CEF: How to deal with it?


Jusonex

Recommended Posts

Hi,

many people suggested AwesomiumCEF (an embeddable webbrowser which is based upon Chromium) to be integrated in MTA.

Despite some doubts I tried to implement it (just for fun so far). You can watch the result below:

The script would look like the following then (that's a part of the code I used in the video above)

local webBrowser = createBrowser(1200, 675) 
  
addCommandHandler("youtube", 
    function() 
                  browserLoadURL(webBrowser, "http://www.youtube.com/watch?v=kdemFfbS5H0") 
         
                 addEventHandler("onClientRender", root, 
                     function() 
                         -- Update texture data 
                         updateBrowser(webBrowser) 
     
                         -- We can simply draw the webbrowser now since it is a standard DirectX texture 
                         local x, y = 110.7, 1024.15 
                         dxDrawMaterialLine3D(x, y, 23.25, x, y, 14.75, webBrowser, 18.2, tocolor(255, 255, 255, 255), x, y+1, 19) 
                     end 
                ) 
      end 
) 

The main problem I see at the moment is the potential abuse capability: A server would be able to open every webpage it wants to - including porn and warez.

There should be in any case an option to turn the entire webbrowser stuff off.

Furthermore I can think of several solutions to restrict the access somehow:

1. Solution: Requests:

This is in my opinion the best solution. The server must request the pages first in order to open them later. The player has to accept the request (a messagebox or something) then.

This could look like the following:

-- Ask the player after login 
addEventHandler("onPlayerLogin", root, 
    function() 
        requestWebPages({"youtube.com", "google.com", "myservername.com"}) 
    end 
) 

There should also be an option to save the decision, so that the player wouldn't get the annoying message everytime. Once you requested the websites, you can use them unconditionally

2. Solution: A global whitelist:

There is a global whitelist which is managed by the MTA team (all websites are blocked generally). If you'd like to open your server's website, you must create a kind of short application.

Pros: The best protection and possibility to fight against abuse

Cons: Pretty much administration effort

3. Solution: Vice versa - An own + global blacklist:

This solution is probably the worst: Generally there is no restriction. Lots of porn and Warez sites are blocked.

If you don't want a server to open a specific website, you'll be able to add it to your own blacklist.

Finally, what's your opinion on the solutions? Do you have a better idea? Could you imagine a webbrowser in MTA generally?

Best regards

Edited by Guest
  • Thanks 1
Link to comment

Another option is something like the 2nd solution - I don't know how you would implement that, but, in my opinion, instead of hardcoding blocked websites into MTA's source, it would go through a proxy hosted on the MTA servers which filtered websites, this would allow for easier maintenance, rather than changing the source to block another website. On the other hand, page loading time would increase. The first solution isn't bad either, but even though you will need to maintain the proxy server, I think the second solution is still best.

By the way, looks great!

Link to comment

It's a really great idea, yet a great preview,

Looking forward for the release, if there will be one.

About the restricted websites, an updated list will do, MySQL based list, updated with a general list of websites + websites reported by users, that's my opinion.

Link to comment

I'll state what I stated on IRC, just for the sake of notes: I feel like this should be a module. It's a really great idea and appears to work great, but with compiled scripts, there's the risk of malicious content.

Link to comment

Awesome, really nicely done. Personally I don't think the room for abuse is as big an issue. Servers can already load any image onto the server and can download these via the web so I'm not sure this would bring any new problems. Just my opinion.

Link to comment
Hi,

many people suggested Awesomium(an embeddable webbrowser which is based on Chromium) to be integrated in MTA.

Despite some doubts I tried to implement it (just for fun so far). You can watch the result below:

The script would look like the following then (that's a part of the code I used in the video above)

local webBrowser = createBrowser(1200, 675)
 
addCommandHandler("youtube",
    function()
                  browserLoadURL(webBrowser, "https://www.youtube.com/watch?v=kdemFfbS5H0")
        
                 addEventHandler("onClientRender", root,
                     function()
                         -- Update texture data
                         updateBrowser(webBrowser)
    
                         -- We can simply draw the webbrowser now since it is a standard DirectX texture
                         local x, y = 110.7, 1024.15
                         dxDrawMaterialLine3D(x, y, 23.25, x, y, 14.75, renderTarget, 18.2, tocolor(255, 255, 255, 255), x, y+1, 19)
                     end
                )
      end
)

The main problem I see at the moment is the potential abuse capability: A server would be able to open every webpage it wants to - including porn and warez.

There should be in any case an option to turn the entire webbrowser stuff off.

Furthermore I can think of several solutions to restrict the access somehow:

1. Solution: Requests:

This is in my opinion the best solution. The server must request the pages first in order to open them later. The player has to accept the request (a messagebox or something) then.

This could look like the following:

-- Ask the player after login
addEventHandler("onPlayerLogin", root,
    function()
        requestWebPages({"youtube.com", "google.com", "myservername.com"})
    end
)

There should also be an option to save the decision, so that the player wouldn't get the annoying message everytime. Once you requested the websites, you can use them unconditionally

2. Solution: A global whitelist:

There is a global whitelist which is managed by the MTA team (all websites are blocked generally). If you'd like to open your server's website, you must create a kind of short application.

Pros: The best protection and possibility to fight against abuse

Cons: Pretty much administration effort

3. Solution: Vice versa - An own + global blacklist:

This solution is probably the worst: Generally there is no restriction. Lots of porn and Warez sites are blocked.

If you don't want a server to open a specific website, you'll be able to add it to your own blacklist.

Finally, what's your opinion on the solutions? Do you have a better idea? Could you imagine a webbrowser in MTA generally?

Best regards

@Jusonex:

How did you inplementated the Awesomium, i did installed it and it is in the regristy and so on but the script in MTA doesnt work.

Link to comment

@Cobra: You can't "install" awesomium in that way.

Awesomium is a C++ library which provides functions and classes to generate pixel data from rendered web pages. That means that you have to integrate it in MTA's rendering system and write a lua interface.

I'm going to provide a test build within the next few days for those who want to test it out.

Link to comment
I uploaded a test build, so if you'd like to test it, follow the instructions on my wiki page: https://wiki.multitheftauto.com/wiki/Us ... ow_to_test

Just tested and it is really awesome. Just made a really quick control system for the 3D example and added a PC next to it (http://pastebin.com/XQ8dUdtu). So much potential here but I do feel the request system is not needed and makes it more difficult to let users browse the web unless there is a wildcard option.

Really great work, can't wait for keyboard support and a release of some form at some point. Thanks.

Link to comment
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...