I don’t really expect much to happen but making noise might help if someone at VRC took notice.
Developers jump thru so many hoops to get custom URLs working (and they eventually get them working) but it would all be so much easier if we could instantiate a VRCURL and/or set the url in Udon.
And before everybody offers up the security concern please consider showing us how you compromise a player by setting a URL. And how that can’t be done with the system in place now.
Allow untrusted URLs is “system-wide” which is in itself a horrible design. Permitting it on a world basis and/or for a session in a world would be a lot safer. Users could opt-in to permitting my world to use them and opt-out of instances they did not trust (for example).
I just don’t see how it can be exploited particularly if such exploitation was against the TOC.
Persistence is apparently being worked on but it isn’t here yet. And it isn’t a direct substitute for generating a URL at runtime.
Among other things (it is my understanding that) the “player data” is stored on VRC servers. And depending upon the implementation (I will guess) this won’t solve the basic issue.
We don’t (necessarily) need to save data for every visitor to a world. We do need to be able to send a request and get a response without working around hardcoded, predefined URLs.
It’s my understanding that preventing creating URLs in Udon prevents worlds from doing things like logging to a server the usernames of people who visit a world and what specifically they do there. This protection seems like a good default but it should be possible to opt out.
Considering that it’s already possible in principle for a world to gain two-way unrestricted network access if a user present in the instance uses a program to submit to a server the data the world writes to vrchat’s logs (and the program could communicate back to the world by emulating MIDI which can be read by the world; and the docs suggest vrchat may later allow programs to use OSC to communicate with worlds), then it shouldn’t impact the existing security/privacy guarantees too much if VRChat made it so someone in the instance (maybe just the instance creator, who also has the permission to close the instance) could use a menu in-game to give the world instance permission for unrestricted network access (ie. permission to create URLs programmatically).
Seems reasonable but if I use PCVR and instantiate my world I see all the logs and the names of the players, when they arrived and anything that I care to log.
A “username” is not important information. It can be determined by anyone by simply reading it while in the world. If it was important it wouldn’t be available to anyone under any circumstances.
If a player abuses the TOS in VRC their account can be closed. In a VRC world the player opts in. It isn’t about finding workarounds but rather it is about not needing workarounds.
While I don’t know the exact reason, I assume the reason is for security.
Forcing world developers to either bake in urls or have users manually insert them into url UI leaves an auditable trail of blame in case there’s any misuse. It’s either the world dev or the user who put in the URL.
Preventing dynamic url generation at runtime also prevents malicious world developers from using URL form submissions to create their own analytics, which would be a privacy/legal nightmare for vrchat internationally. Importantly: URLs can contain arbitrary outbound data. (See the data after the ? in the URL after sharing things from social media sites, those are usually tracking codes.)
It’s not about the how its the sheer fact that it can makes it a liability for vrchat to allow it. All it takes is one to go under the moderation radar for long enough and could be lawsuits inbound. They want to weld the floodgates shut before malicious users realize it’s open.
I’m not trying to be discourteous but these are all reasons we are making up. We are not lawyers (most of us), we are not copyright or privacy experts.
Granted reading the logs is limiting and some analytics could be gathered but again “we would have opted in”. Some other VR apps permit it and of course the entire Internet browser system works that way.
It isn’t a nightmare, it is how things work in the 21st century. If someone is bypassing the TOS agreement then it doesn’t matter if they have signage or avatars that display toxic images, it is a violation. The world operates on the assumption that “things are not crimes prior to it being a crime”.
In any case I’m not ragging on you. I’m just pointing out that someone (or some group) has tried to control just about everything, anyone wants to do. They eventually give up as you aren’t (for example) going to stop people smoking grass by handing out stiff fines and jail sentences.
If something becomes a problem one adds regulations. You don’t start off with parking meters in 1908 thinking that “one day there could be trouble with parking spaces”.
I understand the need to speculate but let’s let VRC explain it. Because they track us on their website don’t they?