search

fte-team / fteqw

This is the official GitHub mirror for the FTEQW project.
https://www.fteqw.org/
162 stars 47 forks source link

Web WASM port not downloading assets from sv_dlURL #276

Open GonzalezAtWork opened 2 weeks ago

GonzalezAtWork commented 2 weeks ago

How exactly should I must configure FTEQWSV server.cfg to allow to only download assets from a specific site?

set sv_allowdownload 0
set sv_allowdownloads 0
sv_downloadurl "http://gameassets.aqtiongame.com/"
sv_dlURL "http://gameassets.aqtiongame.com/" s
sv_downloadserver "http://gameassets.aqtiongame.com/" s

Trying these, without success.

image

eukara commented 2 weeks ago

Spoike believes it must be CORS issues, enforced by the browser.

GonzalezAtWork commented 2 weeks ago

no errors anywhere on the browser

edit: just test it, not working even on the same domain

eukara commented 2 weeks ago

Here's what appears to be happening. The game references files stored in pak archives starting with pak[...]. This will trigger copyright protection. Otherwise people could just download FTEQW, and download the entire games of Quake, Quake 2, Hexen 2 etc. from the respective game server)

While allow_download_copyrighted 1 could be set, it would be better to reference the remote .pak files in the .fmf manifest or .html. At least for the copywritten pak files.

package aqtion/pak0.pk3 - "http://gameassets.aqtiongame.com/action/aqtion/pak0.pk3"

But due to how web browsers work, if you want the wasm port to download files itself from the gameassets server, the gameassets server's Access-Control-Allow-Origin still needs to be on to allow web clients to pull extra resources.

\<Spoike> using the url http://localhost:27555/?-quake2%20+connect%20ws://localhost:27910 with a server with commandline: fteqw-sv +set sv_public 0 +set sv_port_tcp 27910 +set sv_dlURL "http://gameassets.aqtiongame.com/" -quake2 +set fs_game action \<Spoike> I get a whole load of CORS errors - CORS Missing Allow Origin

Also, side note: If you're serving the game page via HTTPS, then the urls should also be pointing to HTTPS.

GonzalezAtWork commented 2 weeks ago

isn't there a way to allow both http and https links?

Xylemon commented 1 week ago

According to Spike:

A page served via http can make http+https+ws+wss. an https page can only do https and wss. however, if it's served over http, then browsers will impose some extra limitations elsewhere.