|
Cookies's use case is to store persistent data and send it to the server
in subsequent requests, such as to remember logged-in sessions. WebAO is
using them to store site settings like ad-hoc hash tables that require
parsing and serialization.
As a nasty side-effect of how cookies work, clients send all their
settings every time they connect to the server. Server has absolutely no
use for them, but each client sends them anyway, which is an
uncalled-for privacy leak.
Remove this mechanism entirely, switch to localStorage which serves
exactly the purpose of per-origin store with data that never leaves the
browser.
|
|
Historically, MC packet ended up in a ridiculous spot. It had this
single structure:
MC#something#cid#%
It used to change music track to `something`, and the character ID `cid`
was used in clientside muting (blindly trusted, by the way). Then,
this packet was expanded to mean area change as well, so the same
generic structure carried two completely different meanings.
How does one differentiate the two? Whether the client tried to move to
an area `something`, or played a music track called `something`?
The solution was to assume that having ".extension" at the end magically
implied that it was a name of a music file, check the string `something`
within the MC packet, and pray that you guessed correctly. So,
understanding the protocol message required penetrating into one of its
data fields and ambiguously inferring what the whole message even meant.
Modern AO gives us a more logical solution. Not as good as having two
separate packets for two unrelated actions, but we can at least discern
the area and music change directly from the framing.
Area change uses the same two-field structure: MC#area#cid#%
Music change, however, has acquired two additional fields:
MC#music#cid#showname#flags#%
We consider four-field MC to be music change, and two-field MC to be
area change, resolving the ambiguity and eliminating odd constraints
on area and music names.
WebAO still uses the old logic and sends two-field MC packets for both
cases. CSDWASASH server, as a result, thinks that web users try to
change areas when they play music. This commit fixes this behavior and
adds special sendAreaChange instead of using sendMusicChange for both.
The flags are hardcoded to 0 because WebAO can't set fade-in, fade-out,
or position sync, and it ignores the server flags.
|
|
CH is an application-level keepalive packet that clients periodically
send for two reasons:
1. It tells the server they're still connected, preventing timeouts.
2. By measuring latency between sending CH and receiving CHECK, a client
can display ping.
Keepalive is redundant because WebSocket can handle that via PING frames on a
transport layer. WebAO also completely ignores CHECK and sends CH every
five seconds, which is superfluous (AO2 Client sends it once every 45
seconds, in comparison).
Sending CH via `setInterval` was also problematic: browsers seem to
throttle it when the tab becomes inactive, preventing periodic pings and
leading to the server disconnecting inactive browser clients.
|
