originally posted in:BungieNetPlatform
Interesting. Does this just run as a content script on a BNext page, or did you manage to find, store, and provide an auth token for ajax/jsonp requests from a background script?
English
-
The main part runs within a background script which polls the server every so often for notification counts and updates the icon badge and shows the browser notification. There's also the [url=http://i.imgur.com/fD27IsZ.png]popup page[/url] and script that runs on demand and retrieves the current list of notifications and displays them. Unfortunately the amount of detail I'd like to add in (eg. the name of the topic instead of just its id values, etc...) is still kind of limited and included in a clump of HTML, which is essentially just what's dropped into the bungie.net version of notifications. To get around authentication "issues", I: A) Set the regular cookies to be included for each request (which does mean the user has to be signed in, but doesn't have to actively be using the site); and B) Bypass CSRF protection by getting the token for it from the bungleatk cookie (which was [i]very[/i] trivial) and including it in each request as well An OAuth interface would be so much easier. I'm probably also going to look into: A) Sniffing each bungie.net-initiated request and using the data from them to update the extension as well; B) Trying to store some of those authentication details to see if they still work post-browser startup (but before a new session starts)
-
+1 for OAuth interface. I'm really hoping their official release will include something like this.