Open URL in users browser from script?


#1

Is there a way to open a URL in the users default browser from script?


#2

Not sure yet.

Although this sounds very exploitable though, considering that we can force scripts on to people in regions: so you could force a script on a person entering the domain, then force the script to open a website.


#3

Well there could be a confirmation popup asking if they are sure they want to let it happen.

The web by nature is exploitable though, which is why anti-virus is big business. HiFi is just the web 2.0, albeit in 3D VR. I see no reason why scripts should not be forcible, or why URLs can’t open in a browser. Maybe somebody can make a popup blocker :stuck_out_tongue:


#4

This seems technically possible and pretty straightforward in QT; I’m unclear on how to work around the ramifications for abuse that @Menithal mentioned. For example, entity scripts have a preload method that gets run whenever a user is in range – what’s to prevent me from opening my spam page or a virus/trojan attack vector on everyone? Maybe if we can talk it through and come up with some kind of solution, but off the top of my head I got nothing. I can think of a bunch of cool use cases… hmm.

http://doc.qt.io/qt-4.8/qdesktopservices.html#openUrl

bool QDesktopServices::openUrl ( const QUrl & url ) [static]

#5

confirmation window would put us at parity with most places (“You’re leaving Facebook…”) — but a couple of bad experiences or a really well-framed phishing attack would be bad. also lots of confirmation windows could itself be annoying. anyone seen articles or blog posts elsewhere about this topic?


#6

That’s no different than surfing the web.


#7

Sure, but there are some different ways to handle opening content – mobile safari, for example, won’t play video until there’s a user interaction. We could potentially do something similar – i.e. restrict opening an external page to an onClick or onGrab callback or something more active than simply entering/exiting a zone, and not necessarily by directly calling the function that opens the external browser.


#9

Authentication, payment, social media “shares”, downloads, anything that would be better presented in 2D without vr, anything that can easier be done in a browser than HiFi. I imagine a lot of people will be wanting to advertise, especially if large corporations give VWs a second chance.