Skip to content

OmiyaGames/omiya-games-web-security

Repository files navigation

Omiya Games - Web Security

openupm Documentation ko-fi

Web Security is a Github package Omiya Games uses to peform various security features for WebGL builds. This includes:

Web Location Checker

A script that verifies the build is running on the correct host. Attach to a GameObject like any other MonoBehavior, then call the coroutine, CheckDomainList(), from another script. For example, one can create a script with the method below, then attach it to the same GameObject the WebLocationChecker is on:

IEnumerator Start()
{
    // Verify the domain
    WebLocationChecker checker = GetComponent<WebLocationChecker>();
    yield return StartCoroutine(checker.CheckDomainList());

    // Check if the domain was verified
    if(checker.CurrentState == WebLocationChecker.State.DomainMatched)
    {
        // Change scene to the main menu
        SceneManager.LoadScene("Main menu");
    }
}

The script contains the following inspector fields:

Inspector

Field Required? Description
Remote Domain List Url No The path to download a DomainList, relative to the root of the WebGL build (typically where index.html is in). The strings in the DomainList will be used to match the domain the build is running on, in addition to strings listed in Domain Must Contain. Leave empty if no file should be downloaded.
Domain Decrypter No The StringCryptographer to use to decrypt the content of the downloaded DomainList. Entirely optional, especially if the downloaded file is not expected to be encrypted.
GameObjects to Deactivate No A list of GameObjects to deactivate while the script verifies the domain the build is running on.
Domain Must Contain Yes A list of strings to verify whether the domain the game is running on matches. This script supports ? and * wildcards (former any single character, while the latter matches a series of character).
Force Redirect No If checked, and the domain did not match, prompts the script to redirect to a different website. If this build is embedded in an iframe with redirect permission restrictions (which most browsers enable by default), the redirect may fail with an AccessDenied error.
Redirect URL If Force Redirect is checked The URL to redirect to if the doamin did not match. This URL should include https://

Install

There are two common methods for installing this package.

Unity's own Package Manager supports importing packages through a URL to a Git repo:

  1. First, on this repository page, click the "Clone or download" button, and copy over this repository's HTTPS URL.
  2. Then click on the + button on the upper-left-hand corner of the Package Manager, select "Add package from git URL..." on the context menu, then paste this repo's URL!

While easy and straightforward, this method has a few major downside: it does not support dependency resolution and package upgrading when a new version is released. To add support for that, the following method is recommended:

Through OpenUPM

Installing via OpenUPM's command line tool is recommended because it supports dependency resolution, upgrading, and downgrading this package.

If you haven't already installed OpenUPM, you can do so through Node.js's npm (obviously have Node.js installed in your system first):

npm install -g openupm-cli

Then, to install this package, just run the following command at the root of your Unity project:

openupm add com.omiyagames.web.security

Resources

LICENSE

Overall package is licensed under MIT, unless otherwise noted in the 3rd party licenses file and/or source code.

Copyright (c) 2019-2021 Omiya Games