Closed ITZVGcGPmO closed 6 years ago
Yeah, it seems like that actually crashed the api last night.
The issue with these is that they're not generated from images, but from an existing user. Looking at the generated data from the account id the skin data is actually different for each generated skin, so whoever's generating these is doing the skin changing themselves (idk why).
I'm gonna try to figure out who is making these requests and contact them about their implementation issue.
Nevermind, actually. Seems like the value & signature change, for whatever reason(looks like they added a timestamp to the base64), even if the account's skin wasn't changed. Either mojang changed something on their backend or I just never noticed this quirk. Either way, should be easy to fix now since the skin url does stay the same.
might be happening once more according to skins 382333-382389
That's definitely an unintended implementation of a dev, though. Seems like they're setting a unique name for every new one, so mineskin treats it as unique too.
possibly a hash table could help? if a dev uploads a skin it's hashed then checked against the hash table, if it's in the table, it locates and returns the signage associated with that hash. if not, it signs the newly discovered skin, adds it to the table, and returns it. (you could possibly be doing this already, but it's not reflected on the web gallery)
the skin's hash would be unique and based off of image data(rgba of all pixels)
the name of the skin could be transformed into a list instead of a string, so new requests can still add labels to pre-existing skins. (may still be abused like the aforementioned dev implementation)
if you take a look over at the gallery page, it seems as if someone is using the api to upload the same skins over and over again. possibly a hash-check is needed before applying a skin.