• Announcements

    • khawk

      Download the Game Design and Indie Game Marketing Freebook   07/19/17

      GameDev.net and CRC Press have teamed up to bring a free ebook of content curated from top titles published by CRC Press. The freebook, Practices of Game Design & Indie Game Marketing, includes chapters from The Art of Game Design: A Book of Lenses, A Practical Guide to Indie Game Marketing, and An Architectural Approach to Level Design. The GameDev.net FreeBook is relevant to game designers, developers, and those interested in learning more about the challenges in game development. We know game development can be a tough discipline and business, so we picked several chapters from CRC Press titles that we thought would be of interest to you, the GameDev.net audience, in your journey to design, develop, and market your next game. The free ebook is available through CRC Press by clicking here. The Curated Books The Art of Game Design: A Book of Lenses, Second Edition, by Jesse Schell Presents 100+ sets of questions, or different lenses, for viewing a game’s design, encompassing diverse fields such as psychology, architecture, music, film, software engineering, theme park design, mathematics, anthropology, and more. Written by one of the world's top game designers, this book describes the deepest and most fundamental principles of game design, demonstrating how tactics used in board, card, and athletic games also work in video games. It provides practical instruction on creating world-class games that will be played again and again. View it here. A Practical Guide to Indie Game Marketing, by Joel Dreskin Marketing is an essential but too frequently overlooked or minimized component of the release plan for indie games. A Practical Guide to Indie Game Marketing provides you with the tools needed to build visibility and sell your indie games. With special focus on those developers with small budgets and limited staff and resources, this book is packed with tangible recommendations and techniques that you can put to use immediately. As a seasoned professional of the indie game arena, author Joel Dreskin gives you insight into practical, real-world experiences of marketing numerous successful games and also provides stories of the failures. View it here. An Architectural Approach to Level Design This is one of the first books to integrate architectural and spatial design theory with the field of level design. The book presents architectural techniques and theories for level designers to use in their own work. It connects architecture and level design in different ways that address the practical elements of how designers construct space and the experiential elements of how and why humans interact with this space. Throughout the text, readers learn skills for spatial layout, evoking emotion through gamespaces, and creating better levels through architectural theory. View it here. Learn more and download the ebook by clicking here. Did you know? GameDev.net and CRC Press also recently teamed up to bring GDNet+ Members up to a 20% discount on all CRC Press books. Learn more about this and other benefits here.
Sign in to follow this  
Followers 0
Alphanumber

Intercept HTTP Request

5 posts in this topic

So there's a game I wish to build that requires me to intercept the HTTP request from a browser.

Here's how I understand an HTTP request works:
-User types in a URL or clicks on hyperlink.
-Browser sends request over wire.
-Server returns the request with a HTTP and javascript (AJAX?)
-Browser renders file.

What I want to do is the following:
-Whenever a HTTP request is made, I intercept the request to get the URL.
-Check the URL to see if the site is somewhere on a database that carries a list of all URLs and "game objects" stored on the URL. (Part of the game allows users to leave "objects" like bombs and doors on a page)
-Get the actual HTTP/javascript from the page but do not send to browser
-Modify the HTTP/javascript to display game objects on page and floaties that allow the user to do certain actions like leave objects or interact with objects
-Send modified HTTP/javascript to browser for rendering

What technologies are available for this kind of functionality? Preferably in Java.
0

Share this post


Link to post
Share on other sites
What you ask for is the functionality of a web-server with a kind of plugin mechanism to selectivily process pages through some kind of extension-library.
I did wrote such a web-server in C++. It is pretty fast but needs another step of evolution. The API is not ready for general use. But maybe I get it right within the next month. I must earn some money to pay my bills. So the web-server development must wait.
0

Share this post


Link to post
Share on other sites
[quote]What technologies are available for this kind of functionality?[/quote]

Cross-site scripting malware does this.

Since this falls under a security issue, browsers actively introduce features which prevent such behavior. Sites also increasingly support SSL to prevent man in the middle attacks.

Think what you're asking:
- user logs into a bank account
- when they make a deposit, their request is intercepted and sent to my server
- I modify the amount from $10 to $10,000 and submit that
- I return modified response to user showing they deposited $10.


Some sites offer augmenting of pages, such as leaving comments on third-party pages.

The way they work is that you install a plugin/bookmarklet. Whenever such user visits a page, the plugin makes a request to your server, saying something like: "show me extra content for page www.example.com". Plugin then renders this on top of original page. Intercepting requests is generally not possible since it's a considerably security flaw. Such plugins do not interfere with original page, they operate completely independently and in parallel. After original page has loaded, they can examine DOM to request additional third-party information, but only reactively and passively, they are prevented from interfering with original server/client communication.
0

Share this post


Link to post
Share on other sites
This is a serious security problem and likely to get you into a [i]lot[/i] of hot water.

There do exist technologies for this but they are highly platform-dependent and certainly not accessible from Java by any stretch of the imagination. I'm very, very hesitant to post information about how to do this in a public forum, however.
0

Share this post


Link to post
Share on other sites
The motivation for looking for this kind of solution is mainly to explore ways of creating essentially a "browser game" that does not need to necessarily be natively programmed for each browser (write something that processes URLs and returns the page with appropriate game content rather than writing a toolbar for every web browser).

The project I'm currently working on is, from what I understand, is a copy of PMOG (Nethernet?) where players have these game items they can leave on the page. Currently, the programmer working on the project wrote a Firefox plugin that allows "leaving things on pages". The items left on pages are stored in a database and queries are done via RESTful calls.

The idea of looking for someway to intercept the requests is to make the game "browser agnostic" so I'm researching what ways are possible.

To be clear, this project is for a University course. I am actually interested by the reaction to my post. I was not aware that some technologies that can do the necessary functions could be considered dangerous. The actual tech that my professor suggested was not some cross site scripting malware, but a proxy.

Interesting indeed.
0

Share this post


Link to post
Share on other sites
[quote]Currently, the programmer working on the project wrote a Firefox plugin that allows "leaving things on pages". The items left on pages are stored in a database and queries are done via RESTful calls.[/quote]

This is how it's done.

[quote]The idea of looking for someway to intercept the requests is to make the game "browser agnostic" so I'm researching what ways are possible.[/quote]

Very impractical.

A proxy works, as long as everyone connects through it. HTTP defines SOCKS protocol for proxies. They must be manually configured on each client that wishes to use them (making them useless for most intranets and corporate networks which use such proxies internally). A transparent proxy would also need to respect HTTP request properties to avoid caching issues.

In lab, for experiment, sure. For WAN users - not viable.

---
Third option is writing plugin in something like Greasemonkey, available in all browsers.

---

Final option is having a gateway. Users go to www.redirector.com and specify they want to visit www.foo.com. Instead of making direct connection, server requests it on their behalf. Upon receiving the result, it rewrites all links on that page to again return results via www.redirector.com.

Downside of such approach is it doesn't allow for SSL and may cause problems with cookies.

Page operators will also be alerted to such traffic and may choose to blacklist such a server, since it's one of the simplest MITM attacks. Such portals are also closely associated with spam relays and other undesirable traffic and the originating IPs get blacklisted. Common term for such technology is anonymizer, most popular sites block them and monitor for such traffic.

[quote]I was not aware that some technologies that can do the necessary functions could be considered dangerous.[/quote]

If such technique were possible transparently, online commerce isn't possible anymore. That is how dangerous it is.

Considerable effort goes into making precisely such behavior impossible, so there's some technical obstacles as well as many business processes in place that control such behavior.


In lab it's trivial - just connect to a proxy. But having something like this accessible on open web is, hopefully, very difficult.

----

Finally, outside of technical issues, such rewrites violate definition of net neutrality. Net neutrality basically states that anyone relaying traffic not intended for them will not interfere with it in any way, either through traffic shaping, rewriting, by modifying it or otherwise. It's not exactly a law, but is foundation of open internet. Topics like this are quite important given recent developments around SOPA and such.

SOPA, for example, gave individuals precisely this ability - they allowed them to intercept anyone's traffic and return their own results.
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0