Aug 04 2005
One of the really neat features that first caught my eye was the ability to make XML-RPC calls. XML-RPC is a standardised to interact with objects and classes on the other side of the internet. Now some of you non-programming sorts may be wondering why this is such a wonderfull thing, well, its hard to explain whats so good about it but trust me when I say its great… especially in an environment such as Second Life.
Immediately I started thinking about some of the possibilities XML-RPC offered… RSS feeds, email checking, stock quotes, weather reports – all in game. You could take it further and start using Amazon and eBay to purchase real world goods, all without leaving the game.
So first things first I hit the Second Life scripting documentation. One of the first things that struck me about the XML-RPC documentation is that several of the function calls are marked as (Doesn’t actually work). This rather anoyed me as one of those functions was llSendRemoteData. So it seems that XML-RPC is a one way communication channel in Second Life… in-bound requests only.
The second thing that took my notice was the complete lack of any immediate high level explanation of how XML-RPC is implemented in Second Life. After digging around I finally discovered that in order to make a call into Second Life, you call needs to pass in a channel key. This channel key, however, can only be generated from within Second Life when an XML-RPC channel is created… so if you can’t initiate calls XML-RPC calls from within Second Life, how do you get the key out to your external objects????
I finally discovered that you are able to send emails from within Second Life, so this is the process for XML-RPC communication with Second Life:
- Create email account for transferring channel keys
- create XML-RPC channel within the game to obtain a channel key
- send email from inside game to above email account
- external object checks above email account to obtain channel key
- external object sedns XML-RPC call to in-game object
If you ask me this seems a bit of a farcical way of doing things and could be made a whole lot easier… if only they allowed in game objects to make external requests. Of course it has already been noted in the discussion wiki that allowing in game objects to make external XML-RPC calls opens up the possibility of using Second Life as a DoS engine but it should be possible to come up with some permissions structure to limit the chances of that happening.