查看“虚拟世界/HTTP”的源代码

{{VWSnav}}
==相关函数==

===llHTTPRequest===
向指定的地址发送请求和参数
*key llHTTPRequest( string url, list parameters, string body );
#返回一个key来标识发起的HTTP请求
#string	url: A valid HTTP/HTTPS URL.	
#list	parameters: configuration parameters, specified as HTTP_* flag-value pairs [ parameter1, value1, parameter2, value2, . . . parameterN, valueN]
#string	body: Contents of the request.

<pre>
//HTTP_MIMETYPE:

"text/html"
"text/plain;charset=utf-8"
"application/xhtml+xml"
"application/json"
"application/x-www-form-urlencoded"
"application/rss+xml"
"multipart/mixed; boundary="---1234567890---""
</pre>

*注意地址必须是服务器可访问到的
*HTTP_BODY_MAXLENGTH是发起请求的长度最大值，可以在服务器配置，但是响应的值被限制为2048，这个值还不可以配置。
*body内容不要随便乱写
#如果是post方法，可以：string body="param1=v1&param2=v2"
#如果是get方法，可以将“?param1=v1&param2=v2”这个放到url中，然后body用空字符串。
*例子
<pre>
key httpreq(string page,string MSG)
{
    return llHTTPRequest(page,[
                                HTTP_METHOD,
                                            "GET" 
                                            // "POST" 
                                            //"PUT" 
                                            //"DELETE" 
                                            ,
                                HTTP_MIMETYPE,
                                                //"text/application/xhtml+xml"
                                                //"text/application/atom+xml"
                                                //"text/application/json"
                                                //"text/application/xml"
                                                //"text/application/llsd+xml"
                                                //"text/application/x-javascript"
                                                //"text/application/javascript"
                                                "text/application/x-www-form-urlencoded"
                                                //"text/application/rss+xml"
                                                ,
                                HTTP_BODY_MAXLENGTH,16384,
                                HTTP_VERIFY_CERT,TRUE,
                                HTTP_VERBOSE_THROTTLE,TRUE,
                                //HTTP_CUSTOM_HEADER,"","",
                                HTTP_PRAGMA_NO_CACHE,TRUE
                            ],MSG);
}
key reqed;
default
{
    touch_start(integer total_number)
    {
        reqed=httpreq( "http://127.0.0.1/test/data?content=wei","");
        llSay(0,"touch_start:"+reqed);
    }
    http_response(key request_id, integer status, list metadata, string body)
    {
        llSay(0,"http_response:"+request_id);
        if(reqed==request_id)
        {
            llSay(0,"http_response:"+body);      
        }
    }
}
</pre>

===llHTTPResponse===
以status和body响应request_id所标识的请求。相当于提供http响应，一般与llRequestURL配合使用。
*llHTTPResponse( key request_id, integer status, string body );
#key request_id: A valid HTTP request key.	
#integer status: HTTP Status (200, 400, 404, etc)	
#string body: 响应内容。
*注意事项
#The response need not be made inside the http_request event but if it does not happen in a timely fashion the request will time out (within 25 seconds).
#This call must be made by the script containing the http_request event where the request_id was received.
#There is no limit, other than script size, to the amount of data that can be sent by this function.
#The response by default has "content-type: text/plain". Use llSetContentType to optionally return a different type, like "text/html".
*例子
<pre>
string url;
 
default
{

    changed(integer change)//很多事情都会导致这个事情发生：CHANGED_INVENTORY、CHANGED_COLOR、CHANGED_SHAPE、CHANGED_SCALE、CHANGED_TEXTURE、CHANGED_LINK等等
    {
        if (change & (CHANGED_REGION_START | CHANGED_REGION | CHANGED_TELEPORT))
            llResetScript();
    }
 
    state_entry()
    {
        llRequestURL();
    }
 
    touch_start(integer num_detected)
    {
    //  PUBLIC_CHANNEL has the integer value 0
        if (url != "")
            llSay(PUBLIC_CHANNEL, "URL: " + url);
    }
 
    http_request(key id, string method, string body)
    {
    //  http://en.wikipedia.org/wiki/Create,_read,_update_and_delete
        list CRUDmethods = ["GET", "POST", "PUT", "DELETE"];
    //  it's bit-wise NOT ( ~ ) !!!
        integer isAllowedMethod = ~llListFindList(CRUDmethods, [method]);
 
        if (isAllowedMethod)
        {
            llHTTPResponse(id, 200, "Body of request below:\n" + body);
        }
        else if (method == URL_REQUEST_GRANTED)
        {
        //  don't forget the trailing slash
            url = body + "/";
 
            llOwnerSay("URL: " + url);
        }
        else if (method == URL_REQUEST_DENIED)
        {
            llOwnerSay("Something went wrong, no URL.\n" + body);
        }
        else
        {
            llOwnerSay("Ummm... I have no idea what SL just did. Method=\""+method+"\"\n" + body);
        }
    }
}
</pre>

===osRequestURL===
请求HTTP:// url (opensim version 0.9 or over)，与llRequestURL功能类似

支持可选参数，如 "allowXss" - Add 'Access-Control-Allow-Origin: *' to response header
*例子
<pre>
//
//osRequestURL example
//
 
RequestReceived (key id, string query) {
    llHTTPResponse (id,200,query+" OK");
    query = llUnescapeURL(query);
    llSay (0, query);
}
 
default {
 
    state_entry() {
        osRequestURL ([ "allowXss" ]);
    }
 
    http_request(key id, string method, string body) {
 
        if (method == URL_REQUEST_GRANTED)
           llOwnerSay ("URL_REQUEST_GRANTED" +"\n" +body);
 
        if (method == URL_REQUEST_DENIED)
            llOwnerSay ("URL_REQUEST_DENIED");
 
        if (method == "GET")
            RequestReceived (id, llGetHTTPHeader(id,"x-query-string"));
 
        if (method == "POST")
            RequestReceived (id, body);
    }
 
}
</pre>

===osRequestSecureURL===
请求HTTPS:// url (opensim version 0.9 or over)，与llRequestSecureURL类似

可选参数支持: "allowXss" - Add 'Access-Control-Allow-Origin: *' to response header

*例子
<pre>
//
//osRequestSecureURL example
//
 
RequestReceived (key id, string query) {
    llHTTPResponse (id,200,query+" OK");
    query = llUnescapeURL(query);
    llSay (0, query);
}
 
default {
 
    state_entry() {
        osRequestSecureURL ([ "allowXss" ]);
    }
 
    http_request(key id, string method, string body) {
 
        if (method == URL_REQUEST_GRANTED)
           llOwnerSay ("URL_REQUEST_GRANTED" +"\n" +body);
 
        if (method == URL_REQUEST_DENIED)
            llOwnerSay ("URL_REQUEST_DENIED");
 
        if (method == "GET")
            RequestReceived (id, llGetHTTPHeader(id,"x-query-string"));
 
        if (method == "POST")
            RequestReceived (id, body);
    }
 
}
</pre>

===llRequestURL===
请求一个用于此脚本的“HTTP://”url。该请求将导致 http_request事件发生。HTTP使用12046端口（HTTP-in uses port 12046）。采用llGetFreeURLs函数可以返回还有多少个URL资源可以使用

该请求后，就会类似在12046端口开启了一个监听，通过http可以访问到该监听。

*key llRequestURL( );
#Returns a handle (a key) used for identifying the result of the request in the http_request event.
#HTTP-in uses port 12046.
#Use of this function is throttled. Although it has no forced sleep time, too many requests (5 ish) in a short period will cause all further requests to be denied until the script stops requesting urls for at least 1 second. Using an llSleep of 0.6 seconds or greater between each request will prevent you from being throttled.
#When a region is (re)started all HTTP server URLs are automatically released and invalidated.
#Use CHANGED_REGION_START to detect this so new URL can be requested.
#The number of available URLs is a limited resource, that is to say, a script can only have so many open URLs. See LSL http_server#Resource Limitations for details.
#When abandoning a URL, release it with llReleaseURL, to avoid leaks. Resetting the script, or deleting the prim will also suffice to release URLs.

*例子：岛屿重启后，请求一个URL
<pre>
string url;
key urlRequestId;
 
default
{
    state_entry()
    {
	urlRequestId = llRequestURL();
    }
    on_rez(integer start_param)
    {
	llResetScript();
    }
 
    changed(integer change)
    {
	if (change & (CHANGED_OWNER | CHANGED_INVENTORY))
		llResetScript();
 
	if (change & (CHANGED_REGION | CHANGED_REGION_START | CHANGED_TELEPORT))
		urlRequestId = llRequestURL();
    }
 
    http_request(key id, string method, string body)
    {
	if (id == urlRequestId)
	{
	    if (method == URL_REQUEST_DENIED)
		llOwnerSay("The following error occurred while attempting to get a free URL for this device:\n \n" + body);
 
	    else if (method == URL_REQUEST_GRANTED)
	    {
		url = body;
		llLoadURL(llGetOwner(), "Click to visit my URL!", url);
	    }
	}
    }
}
</pre>

注意建立请求后，该监听就一直存在，而一般资源是有限的，所以在不用时一定要释放。一般可以保存好监听的id在全局环境中，不用后使用llReleaseURL函数来释放。

<pre>
// WARNING:
//
//      This script is only for proof-of-concept (demo purposes).
//      DO NOT use it if you don't have the sim owners and/or
//      estate managers OK to test this script.
//      This script can possibly block HTTP communication from and to the sim.
//      ...bringing down all networked vendors and/or similar machines.
//
//      This script allocates all available URLs.
//      Deleting the script and/or derezzing the object containing the script,
//      will release all previously taken URLs.
 
 
default
{
    state_entry()
    {
        llRequestURL();
    }
 
    http_request(key id, string method, string body)
    {
        if (method == URL_REQUEST_DENIED)
            llSetText("No free URLs!", <1.0, 0.0, 0.0>, 1.0);
 
        else if (method == URL_REQUEST_GRANTED)
        {
            llSetText( (string)llGetFreeURLs() + " URLs left\n" + body, <1.0, 1.0, 1.0>, 1.0);
 
            llRequestURL();
        }
        else if (method == "GET")
            llHTTPResponse(id, 200, "Hello there!");
    }
}
</pre>

===llGetFreeURLs===
获取还有多少监听url可用。
*例子
<pre>
default
{
    touch_start(integer num_detected)
    {
        integer numberOfFreeURLs = llGetFreeURLs();
 
        if(numberOfFreeURLs)
            llSay(0,  "There are " + (string)numberOfFreeURLs + " available HTTP-In URLs left for this sim.");
 
        else
            llSay(0, "WARNING: There are no HTTP-In URLs available anymore.");
    }
}
</pre>

<pre>
// WARNING:
//
//      This script is only for proof-of-concept (demo purposes).
//      DO NOT use it if you don't have the sim owners and/or
//      estate managers OK to test this script.
//      This script can possibly block HTTP communication from and to the sim.
//      ...bringing down all networked vendors and/or similar machines.
//
//      This script allocates all available URLs.
//      Deleting the script and/or derezzing the object containing the script,
//      will release all previously taken URLs.
 
 
default
{
    state_entry()
    {
        llRequestURL();
    }
 
    http_request(key request_id, string method, string body)
    {
        if (method == URL_REQUEST_DENIED)
            llSetText("No free URLs!", <1.0, 0.0, 0.0>, 1.0);
 
        else if (method == URL_REQUEST_GRANTED)
        {
            llSetText( (string)llGetFreeURLs() + " URLs left\n" + body, <1.0, 1.0, 1.0>, 1.0);
 
            llRequestURL();
        }
        else if (method == "GET")
            llHTTPResponse(id, 200, "Hello there!");
    }
}
</pre>

===llRequestSecureURL===
为本模型开启 HTTPS:// (SSL) url。http_request事件会被激发。使用端口：12043。

该调用返回一个key，用于在http_request事件中标识。

*警告
#HTTPS-in uses port 12043.
#When a region is (re)started all HTTP server URLs are automatically released and invalidated.
#Use CHANGED_REGION_START to detect this so new URL can be requested.

*例子
<pre>
string secureUrl;
key urlRequestId;
key selfCheckRequestId;
 
request_secure_url()
{
    llReleaseURL(secureUrl);
    secureUrl = "";
 
    urlRequestId = llRequestSecureURL();
}
 
throw_exception(string inputString)
{
    key owner = llGetOwner();
    llInstantMessage(owner, inputString);
 
    // yeah, bad way to handle exceptions by restarting.
    // However this is just a demo script...
 
    llResetScript();
}
 
default
{
    on_rez(integer start_param)
    {
        llResetScript();
    }
 
    changed(integer change)
    {
        if (change & (CHANGED_OWNER | CHANGED_INVENTORY))
        {
            llReleaseURL(secureUrl);
            secureUrl = "";
 
            llResetScript();
        }
 
        if (change & (CHANGED_REGION | CHANGED_REGION_START | CHANGED_TELEPORT))
            request_secure_url();
    }
 
    state_entry()
    {
        request_secure_url();
    }
 
    http_request(key id, string method, string body)
    {
        integer responseStatus = 400;
        string responseBody = "Unsupported method";
 
        if (method == URL_REQUEST_DENIED)
            throw_exception("The following error occurred while attempting to get a free URL for this device:\n \n" + body);
 
        else if (method == URL_REQUEST_GRANTED)
        {
            secureUrl = body;
            key owner = llGetOwner();
            llLoadURL(owner, "Click to visit my URL!", secureUrl);
 
            // check every 5 mins for dropped URL
            llSetTimerEvent(300.0);
        }
        else if (method == "GET")
        {
            responseStatus = 200;
            responseBody = "Hello world!";
        }
        // else if (method == "POST") ...;
        // else if (method == "PUT") ...;
        // else if (method == "DELETE") { responseStatus = 403; responseBody = "forbidden"; }
 
        llHTTPResponse(id, responseStatus, responseBody);
    }
 
    http_response(key id, integer status, list metaData, string body)
    {
        if (id == selfCheckRequestId)
        {
            // If you're not usually doing this,
            // now is a good time to get used to doing it!
            selfCheckRequestId = NULL_KEY;
 
            if (status != 200)
                request_secure_url();
        }
 
        else if (id == NULL_KEY)
            throw_exception("Too many HTTP requests too fast!");
    }
 
    timer()
    {
        selfCheckRequestId = llHTTPRequest(secureUrl,
                                [HTTP_METHOD, "GET",
                                    HTTP_VERBOSE_THROTTLE, FALSE,
                                    HTTP_BODY_MAXLENGTH, 16384],
                                "");
    }
}
</pre>

===llReleaseURL===
*释放特定的URL，它将不再被使用
#string	url: URL to release	
*警告：URLs are automatically released and invalidated in certain situations. In the following situations, there is no need to call llReleaseURL. But you will have to request a new one afterwards
#When the region is restarted or goes offline
#When the script holding the URLs is reset, or recompiled
#When the object containing the script is deleted, or taken to inventory

*例子
<pre>
string url;
key urlRequestId;
key selfCheckRequestId;
 
request_url()
{
    llReleaseURL(url);
    url = "";
    llSetTimerEvent(0.0);
    urlRequestId = llRequestURL();
}
 
throw_exception(string inputString)
{
    llInstantMessage(llGetOwner(), inputString);
 
    // yeah, bad way to handle exceptions by restarting.
    // However this is just a demo script...
 
    llResetScript();
}
 
default
{
    on_rez(integer start_param)
    {
        llResetScript();
    }
 
    changed(integer change)
    {
        if (change & CHANGED_OWNER | CHANGED_REGION | CHANGED_REGION_START)
            llResetScript();
    }
 
    state_entry()
    {
        request_url();
    }
 
    http_request(key id, string method, string body)
    {
        integer responseStatus = 400;
        string responseBody = "Unsupported method";
 
        if (method == URL_REQUEST_DENIED)
            throw_exception("The following error occurred while attempting to get a free URL for this device:\n \n" + body);
        else if (method == URL_REQUEST_GRANTED)
        {
            url = body;
            llLoadURL(llGetOwner(), "Click to visit my URL!", url);
 
            // check every 5 mins for dropped URL
            llSetTimerEvent(300.0);
        }
        else if (method == "GET")
        {
            responseStatus = 200;
            responseBody = "Hello world!";
        }
        // else if (method == "POST") ...;
        // else if (method == "PUT") ...;
        // else if (method == "DELETE") { responseStatus = 403; responseBody = "forbidden"; }
 
        llHTTPResponse(id, responseStatus, responseBody);
    }
 
    http_response(key id, integer status, list metaData, string body)
    {
        if (id == selfCheckRequestId)
        {
            // If you're not usually doing this,
            // now is a good time to get used to doing it!
            selfCheckRequestId = NULL_KEY;
 
            if (status != 200)
                request_url();
        }
        else if (id == NULL_KEY)
            throw_exception("Too many HTTP requests too fast!");
    }
 
    timer()
    {
        selfCheckRequestId = llHTTPRequest(url,
                                [HTTP_METHOD, "GET",
                                    HTTP_VERBOSE_THROTTLE, FALSE,
                                    HTTP_BODY_MAXLENGTH, 16384],
                                "");
    }
}
</pre>

===llLoadURL===
显示一个对话框，让化身决定是否需要加载网页。如果用户单击是，根据需要启动浏览器，并加载相关网页。
*llLoadURL( key avatar, string message, string url );
#key avatar: avatar UUID that is in the same region	
#string	message: message to be displayed in the dialog box	
#string	url	
*警告		
#url长度限制为255，消息内容限制为254个字符。
#必须指定协议，目前支持："https://"和"http://"。
#URL遵循规划RFC-1738。
#该函数将导致脚本休眠0.1秒。
#不能在组物体中调研这个函数，如果调用会默默失败。
#如果化身自己禁用了，该函数也会默默失败。
*例子
<pre>
default
{
    touch_start(integer num_detected)
    {
        key     id              = llDetectedKey(0);
        integer avatarInSameSim = (llGetAgentSize(id) != ZERO_VECTOR);// TRUE or FALSE
 
        if (avatarInSameSim)
        {
            string info = "Visit the There website!";
 
            // must start with either "http://..." or "https://..."
            string url = "http://vthere.bnu.edu.cn/";
 
            llLoadURL(id, info, url);
        }
        else
        {
            llInstantMessage(id, "I can only open a URL dialog on your screen if you're in my sim!");
        }
    }
}
</pre>

===llGetHTTPHeader===
返回request_id所标识的请求的头中的值.
*string llGetHTTPHeader( key request_id, string header );
#key request_id: A valid HTTP request key.	
#string header: Lower case header value name.	
*警告
#Returns an empty string if the header is not found or if the headers can no longer be accessed. Headers can only be accessed before llHTTPResponse is called and with-in the first 30 seconds after the http_request event is queued.
#Header information becomes inaccessible after 30 seconds or if llHTTPResponse is called.
#Custom headers are not supported, only the headers listed in the specification are supported.
#LSL is not a CGI environment
##"Content-Type" is an example of a normal header name, in a CGI environment the name would be "HTTP_CONTENT_TYPE".
#header must be lower case (or it will match nothing). All header names are converted to lower case when they are received.
#When making a request...
##The path part of the URL must be prefixed with a forward slash
###Good: https://sim3015.aditi.lindenlab.com:12043/cap/a7717681-2c04-e4ac-35e3-1f01c9861322/foo
###Bad: https://sim3015.aditi.lindenlab.com:12043/cap/a7717681-2c04-e4ac-35e3-1f01c9861322foo
##In order to use the query string, you must include a path (even if it is just a slash)
###Good: https://sim3015.aditi.lindenlab.com:12043/cap/a7717681-2c04-e4ac-35e3-1f01c9861322/?arg=gra
###Bad: https://sim3015.aditi.lindenlab.com:12043/cap/a7717681-2c04-e4ac-35e3-1f01c9861322?arg=gra
*例子
<pre>
key url_request;
 
default
{
    state_entry()
    {
        url_request = llRequestURL();
    }
 
    http_request(key id, string method, string body)
    {
        if (url_request == id)
        {
        //  if you're usually not resetting the query ID
        //  now is a good time to start!
            url_request = "";
 
            if (method == URL_REQUEST_GRANTED)
            {
                llOwnerSay("URL: " + body);
 
                key owner = llGetOwner();
                vector ownerSize = llGetAgentSize(owner);
 
                if (ownerSize)//  != ZERO_VECTOR
                    llLoadURL(owner, "I got a new URL!", body);
            }
 
            else if (method == URL_REQUEST_DENIED)
                llOwnerSay("Something went wrong, no url:\n" + body);
        }
 
        else
        {
            list headerList = ["x-script-url",
                            "x-path-info", "x-query-string",
                            "x-remote-ip", "user-agent"];
 
            integer index = -llGetListLength(headerList);
            do
            {
                string header = llList2String(headerList, index);
                llOwnerSay(header + ": " + llGetHTTPHeader(id, header));
            }
            while (++index);
 
            llOwnerSay("body:\n" + body);
            llHTTPResponse(id, 200, body);
        }
    }
}
</pre>

===llEscapeURL===
Returns a string that is the escaped/encoded version of url, replacing spaces with "%20" etc. The function will escape any character not in [a-zA-Z0-9] to "%xx" where "xx" is the hexadecimal value of the character in UTF-8 byte form.

===llUnescapeURL===
Returns a string that is an unescaped/unencoded version of url, replacing "%20" with spaces etc.

===llSetContentType===
llSetContentType( key request_id, integer content_type );
Sets the Internet media type "Content-Type" header of any subsequent LSL HTTP server response via llHTTPResponse.
#key request_id: a valid http_request() key	
#integer content_type: Media type to use with any following llHTTPResponse(request_id, ...)	
<pre>
key url_request;
 
string HTML_BODY =
"<!DOCTYPE html>
<html>
<body>
 
<h1>My First Heading</h1>
 
<p>My first paragraph.</p>
 
</body>
</html>";
 
default
{
    state_entry()
    {
        url_request = llRequestURL();
    }
 
    http_request(key id, string method, string body)
    {
        key owner = llGetOwner();
        vector ownerSize = llGetAgentSize(owner);
 
        if (url_request == id)
        {
        //  if you're usually not resetting the query ID
        //  now is a good time to start!
            url_request = "";
 
            if (method == URL_REQUEST_GRANTED)
            {
                llOwnerSay("URL: " + body);
 
            //  if owner in sim
                if (ownerSize)//  != ZERO_VECTOR
                    llLoadURL(owner, "I got a new URL!", body);
            }
 
            else if (method == URL_REQUEST_DENIED)
                llOwnerSay("Something went wrong, no url:\n" + body);
        }
 
        else
        {
            llOwnerSay("request body:\n" + body);
 
        //  if owner in sim
            if (ownerSize)//  != ZERO_VECTOR
            {
                llSetContentType(id, CONTENT_TYPE_HTML);
                llHTTPResponse(id, 200, HTML_BODY);
            }
            else
            {
                llSetContentType(id, CONTENT_TYPE_TEXT);
                llHTTPResponse(id, 200, "OK");
            }
        }
    }
}
</pre>
==辅助函数==
===JSON===
*LSL：http://wiki.secondlife.com/wiki/Category:LSL_JSON
*OSSL：http://opensimulator.org/wiki/OsParseJSONNew、http://opensimulator.org/wiki/OsParseJSON

==服务器相关配置==
*Opensim.ini
<pre>

    ;# {HttpProxy} {} {Proxy URL for llHTTPRequest and dynamic texture loading} {} http://proxy.com:8080
    ;; Http proxy setting for llHTTPRequest and dynamic texture loading, if
    ;; required
    ; HttpProxy = "http://proxy.com:8080"

    ;# {HttpProxyExceptions} {HttpProxy} {Set of regular expressions defining URL that should not be proxied} {}
    ;; If you're using HttpProxy, then you can set HttpProxyExceptions to a
    ;; list of regular expressions for URLs that you don't want to go through
    ;; the proxy.
    ;; For example, servers inside your firewall.
    ;; Separate patterns with a ';'
    ; HttpProxyExceptions = ".mydomain.com;localhost"

    ;# {emailmodule} {} {Provide llEmail and llGetNextEmail functionality? (requires SMTP server)} {true false} false
    ;; The email module requires some configuration. It needs an SMTP
    ;; server to send mail through.
    ; emailmodule = DefaultEmailModule

</pre>

<pre>
 ; By default, OpenSimulator does not allow scripts to make HTTP calls to addresses on the simulator's LAN.
    ; See the OutboundDisallowForUserScripts parameter in OpenSimDefaults.ini for more information on this filter.
    ; If you need to allow scripts to make some LAN calls use the OutboundDisallowForUserScriptsExcept parameter below.
    ; We recommend that you do not override OutboundDisallowForUserScripts directly unless you are very sure about what you're doing.
    ;
    ; You can whitelist individual endpoints by IP or FQDN, e.g.
    ;
    ; OutboundDisallowForUserScriptsExcept = 192.168.1.3:8003
    ; 
    ; You can specify multiple addresses by separating them with a bar.  For example,
    ;
    ; OutboundDisallowForUserScriptsExcept = 192.168.1.3:8003|myinternalserver:8000
    ; 
    ; If an address if given without a port number then port 80 is assumed
    ;
    ; You can also specify a network range in CIDR notation to whitelist, e.g.
    ;
    ; OutboundDisallowForUserScriptsExcept = 192.168.1.0/24
    ;
    ; to whitelist all ports on addresses 192.168.1.0 to 192.168.1.255
    ; To specify an individual IP address use the /32 netmask
    ;
    ; OutboundDisallowForUserScriptsExcept = 192.168.1.2/32
    ;
    ; See http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation for more information on CIDR notation

    ;# {HttpBodyMaxLenMAX} {} {Maximum bytes allowed for HTTP_BODY_MAXLENGTH} {} 16384
    ;; By default, llHTTPRequest limits the response body to 2048 bytes.
    ;; This limit can be extended using HTTP_BODY_MAXLENGTH to a maximum
    ;; of HttpBodyMaxLenMAX bytes. 
    ;; Please be aware that the limit can be set to insanely high values,
    ;; effectively removing any limitation. This will expose your sim to a
    ;; known attack. It is not recommended to set this limit higher than
    ;; the highest value that is actually needed by existing applications!
    ;; 16384 is the SL compatible value.
    ; HttpBodyMaxLenMAX=16384

    ;# {ExternalHostNameForLSL} {} {Hostname to use for HTTP-IN URLs. This should be reachable from the internet.} {}
    ;; Hostname to use in llRequestURL/llRequestSecureURL
    ;; if not defined - llRequestURL/llRequestSecureURL are disabled
    ExternalHostNameForLSL = ${Const|BaseHostname}
    
    ;# {shard} {} {Name to use for X-Secondlife-Shard header? (press enter if unsure)} {} OpenSim
    ;; What is reported as the "X-Secondlife-Shard"
    ;; Defaults to the user server url if not set
    ;; The old default is "OpenSim", set here for compatibility
    ;; The below is not commented for compatibility.
    shard = "OpenSim"

    ;# {user_agent} {} {User agent to report to web servers?} {} OpenSim LSL (Mozilla Compatible)
    ;; What is reported as the "User-Agent" when using llHTTPRequest
    ;; Defaults to not sent if not set here. See the notes section in the wiki
    ;; at http://wiki.secondlife.com/wiki/LlHTTPRequest for comments on adding
    ;; " (Mozilla Compatible)" to the text where there are problems with a 
    ;; web server
    ; user_agent = "OpenSim LSL (Mozilla Compatible)"

    ;; The following 3 variables are for HTTP Basic Authentication for the Robust services.
    ;; Use this if your central services in port 8003 need to be accessible on the Internet
    ;; but you want to protect them from unauthorized access. The username and password
    ;; here need to match the ones in the Robust service configuration.
    ; AuthType = "BasicHttpAuthentication"
    ; HttpAuthUsername = "some_username"
    ; HttpAuthPassword = "some_password"
    ;;
    ;; Any of these 3 variables above can be overriden in any of the service sections.

</pre>

*OpensimDefaults.ini
<pre>
    ; Maximum bytes allowed for HTTP_BODY_MAXLENGTH.
    ; By default, llHTTPRequest limits the response body to 2048 bytes.
    ; This limit can be extended using HTTP_BODY_MAXLENGTH to a maximum
    ; of HttpBodyMaxLenMAX bytes. 
    ; HttpBodyMaxLenMAX=16384

    ; Hostname to use in llRequestURL/llRequestSecureURL
    ; if not defined - llRequestURL/llRequestSecureURL are disabled   
    ; ExternalHostNameForLSL=127.0.0.1

    ; Disallow the following address ranges for user scripting calls (e.g. llHttpRequest())
    ; This is based on http://en.wikipedia.org/wiki/Reserved_IP_addresses
    ; This stops users making HTTP calls to machines in the simulator's local network.
    ; If you need to allow some LAN calls we recommend you use OutboundDisallowForUserScriptsExcept documented in OpenSim.ini.example
    ; If you override OutboundDisallowForUserScripts directly you need to be very careful.
    ;
    ; Network ranges are specified in CIDR notation (http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation) with multiple entries separated by |
    ; To specify an individual IP address use the /32 netmask (e.g. 192.168.1.3/32)
    ; You can also specify individual <addr>:<port> endpoints (e.g. 192.168.1.3:8003)
    ; If an address if given without a port number then port 80 is assumed.
    OutboundDisallowForUserScripts = 0.0.0.0/8|10.0.0.0/8|100.64.0.0/10|127.0.0.0/8|169.254.0.0/16|172.16.0.0/12|192.0.0.0/24|192.0.2.0/24|192.88.99.0/24|192.168.0.0/16|198.18.0.0/15|198.51.100.0/24|203.0.113.0/24|224.0.0.0/4|240.0.0.0/4|255.255.255.255/32

</pre>