You can now chose between Flash, SuperNova, Ruffle and AwayFL to play Flash games on Kongregate!
< Opiniones de Kongregate Flash games fixer
Hello nosamu!
I am so glad that a Ruffle developer found this, because the various changes in the Kongregate staff and Flash games pages (including flashvars disappearing or being given the wrong values) made me fear that the Kongregate API would not be able to work as before in Ruffle (high scores submission, premium content...). Especially the AVM1 API, with that game shell thing... Happy to know that the correct values will be able to be used for testing.
I actually read this comment yesterday and was surprised. The encoded values were what had always been parsed to Adobe Flash Player to make everything work. should not Ruffle behave the same way? Why would it only accept decoded/non-encoded variables?
Anyway, I will update my script later today. Thank you, I had not realized that the non-encoded values had a positive output.
By the way, if you ever need some tweaks for further testing, or even a specific version, feel free to ask me.
Fix released!
made me fear that the Kongregate API would not be able to work as before in Ruffle
Well, I think there's some advanced interactions between the Kong API and the page JS that Ruffle may not be able to support, but more basic functionality is there at least.
The encoded values were what had always been parsed to Adobe Flash Player to make everything work. should not Ruffle behave the same way? Why would it only accept decoded/non-encoded variables?
Ruffle's polyfill script correctly detects encoded flashvars, but users of Ruffle's JavaScript API are expected to conform to its standards. I guess the Ruffle developers who designed the API thought it made more sense to make it accept non-encoded flashvars. Those are the original values after all, so theoretically it's wasteful to make users encode the values just for Ruffle to decode them again.
Fix released!
Great, thanks! Can confirm that it works.
Ruffle's polyfill script correctly detects encoded flashvars, but users of Ruffle's JavaScript API are expected to conform to its standards. I guess the Ruffle developers who designed the API thought it made more sense to make it accept non-encoded flashvars. Those are the original values after all, so theoretically it's wasteful to make users encode the values just for Ruffle to decode them again.
Aaah, okay. It makes sense.
By the way, if you ever need some tweaks for further testing, or even a specific version, feel free to ask me.
I appreciate it! It would actually be really useful for me to have a way to set the default player that loads on the game page without needing to edit the script's code. Right now the logic seems to be 'Flash Player if supported, otherwise SuperNova if on Windows, otherwise Ruffle'. As a Ruffle developer, I'd like to set it to Ruffle all the time. I already edited the code on my end, but I think you could add a preference for it with something like GM.getValue, though I'm not sure if that's the most cross-compatible way.
Hmm... I would like to avoid adding extra permissions. What would you think about a second user script, a sort of add-on to the main one? This would actually be a lot easier to make, and I could even modify the buttons specifically for you: removing the superNova one for example (do you even need it?), and even adding a button that makes Ruffle load AVM1 games load inside their game shell (which is needed for the AVM1 Kongregate API to work, but is not possible yet so you might want to be able to test it more easily).
I've never looked into the AVM1 API. This could be something to consider for the future if we try to get that working - I'll remember to ask you about it then. For now I guess I'm fine with editing the script after each update, it's not a big deal.
Well, here is the add-on script: https://greasyfork.org/en/scripts/462430-kongregate-flash-games-fixer-add-on-ruffle-oriented
You will no longer need to modify the main one's code, which could have prevented you from getting automatic updates. All it does for now is changing the default swf player to Ruffle, but I will add more if you ever need it - just tell me!
Got it, thanks!
I just noticed that your script is breaking Ruffle's SWF download functionality ("Download .swf" in the context menu). This is happening because the script is changing the SWF URL to use HTTP instead of HTTPS. Is there a particular reason to do that? Changing var prot="http"; to var prot="https"; fixes the problem.
Argh! Yes, I default most games to http because when Kongregate switched to https in... 2017 (?), they identified somes games that would break on https and kept them on http, but did not identify ALL of those games. Considering that there is no cross-origin problem with Ruffle when using different protocols, I figured that this would be harmless.
Is there any way to modify the download URL without modifying the played swf? If there is not, then I will make files load from the page protocol.
What is missing or different at Ruffle side to send high scores like Flash Player?
From what I understood, Kongregate is using some kind of exploit in Flash Player's code to send them. They are not the only ones to use it though, and apparently it was not that uncommon back in the day. For security reasons, Ruffle is not reproducing this behaviour. Therefore, unless they change their mind Kongregate will have to modify a few lines of codes on their end (which would be a terrible thing to do, considering the current incompetency of their engineers).
Another thing to note is that a good part of older Flash games on Kongregate (a third?) would not send high scores even if this was fixed because there is an issue with how Ruffle handles... some things. That should be fixed someday but I do not know when. I wish I could work on the project, eh.
Here was my little understanding of the situation but I am not a computer wizard nor a Ruffle developer so there could be some mistakes.
Last month was working fine. This month is a problem with any subchild of a swf.
Example: without this script the domain is game195780.konggames.com, with this script is chat.kongregate.com . Ubuntu Firefox/Chrome.
I had to force at line 203 : no_CORS=true; to use this script again.
Hello Nosmin,
The games I tried all loaded correctly in Ruffle, including Universe, which you reported above. Which version of my script are you using and what is your user script manager?
Last one, 8.4.1, from three weeks ago, with tampermonkey.
Is my game Universe. But with the script is trying to take list.swf from chat... and not from game... and need to set no_cors manually at line 203 in the script.
I was hoping it was not a problem only here but I don't know why is different there.
I do not know either why there is a problem. Those no_cors lines exist to make sure that files are taken from the correct subdomain (chat.kongregate.com for example, as it should be, or gameXXXXXX.konggames.com when everything else fails). On my end, everything is properly loaded. Is this list.swf blocked on your end, with either a 404 error or a CORS error? If this is the case, then there might be a setting on your end that is blocking the files.
Just to make sure, you are trying to play with Ruffle, right? Or AwayFL? I have been doing my tests with Ruffle so far, even though AwayFL should be impacted the same way by your issue (I have noticed that the game does not load in AwayFL, however, but I have been assuming that this was because AwayFL could not run it yet).
Ruffle.
CORS error, of course.
Yes, on both firefox/chromium. Maybe a feature to set that variable on/off in case there are other people like in my situation? Because here it is not recognizing that is failing to take from chat.kongregate.com.
Thing is, the code should not fail to catch that. It is specifically written for this case.
I need to understand why this happens. Do you have other user scripts installed or other extensions? If so, what happens if you disable everything but Tampermonkey and my user script?
You said that it was working fine previously. Do you know precisely when it stopped working fine? Also, did anything change around this time, like something updating?
Was ok in the first half of october. The 8.4 and 8.4.1 changes difference against 8.3 looks good to me. Downgrading to 8.3 when was working is same error at this moment.
Here was arm (raspberry). Also x86_64 ubuntu firefox has same problem. Same at edge windows. 3 different systems in total for Ruffle. With flash is working fine.
When I'm not setting no_CORS, is taking main swf from chat..., list from chat..., cors error.
In the other case: main swf from game..., list from game..., but now is accepting.
CORS headers are set by Kongregate and are the same for everyone, so you should not be facing this issue. There is definitely something on your end blocking the files.
I appreciate that you tested different system, but I am even more confused that it does not work for any of these.
Argh, I will need to think about it.
There is something I would like you to try. Could you please replace what you wrote in line 203 with the line below?
console.log("window.no_cors="+window.no_cors+"\\n"+"no_CORS="+no_CORS);
Then, open your web console (open the developer tools, then the "console" tab) and look for the following lines, or similar ones:
window.no_cors=false
no_CORS=false
There might be a lot to read through, so in the settings (in Firefox, you can find those at the top) uncheck everything besides "log" or "logs". I would like to know if you obtain the same values as I do. Else, even though I would not know what would be causing this, I would at least have an idea of how circumventing the bug.
Is easy to step in. Yes, window.no_cors and no_CORS are false.
The point is: The main swf is accepted both on chat... and on game... . When list.swf is requested, on chat... is error, on game... is passing. A fast idea is to make game... default or to have an option to select.
The konggames.com subdomains should not be the default domain, as some games only work on the TRUE subdomain, which is either chat.kongregate.com, assets.kongregate.com or internal.kongregate.com depending on the game. An option to select which one to use should not be needed, because the script should detect automatically if the latter can be used, or if it must fall back to konggames.com.
I must understand why list.swf refuse to load on your computer, while there is no error for the main swf.
If you open the "network" tab of the developer tools, then load the game: what do you have in the line of list.swf? The line that starts like this: https://prnt.sc/N4GmctAPbCxv
The whole line may be helpful. If it was blocked by something, this might be indicated here.
Also, what does the console say about list.swf? I would like to have the whole line too.
There must be something that will hint to the problem, somewhere...
It is the same like you for the url (https://chat.kongregate.com/...).
The error is this: Access to fetch at 'https://chat.kongregate.com/gamez/0019/5780/live/list.swf' from origin 'https://game195780.konggames.com' has been blocked by CORS policy
Firefox/chromium linux arm64, firefox/chrome linux amd64, edge windows x86_64.
Main swf response header Access-Control-Allow-Origin is https://game195780.konggames.com
Then list.swf request header Origin is https://game195780.konggames.com and, again, url is https://chat.kongregate.com/...
Is "await fetch(url);" that is ok for chat... (at me and at you). Here Access-Control-Allow-Origin is game... I think there is chat... . And the problem at any child load (only here).
I was hoping that the console would tell more than this. Everything is surprising here: not only a file is blocked by CORS policy for only one of us, but it is also just one subfile that is affected.
This may be caused by a firewall or some security measures... but my knowledge on those is almost inexistant. Is this happening on your personal computer, with classic fonguration? Or are you on an intranet, or at work, or with some special setup?
Yes, all subfiles are affected. I see this in multiple cases here.
There is not another blocker. The browser thinks the origin is "https://game." even when the initial request was from "https://chat.".
Yes these computers are personals. I don't care if is only here, then.
I am clueless about what how to properly solve this bug, so considering that I have already made you lose enough time, here is a user script that you can copy and paste in Tampermonkey:
// ==UserScript==
// @name Kongregate Flash games fixer - take swf only from konggames
// @version 1
// @author Matrix4348
// @description Do not bother with cross-origin ressource sharing and force swf to be taken from konggames.com instead of kongregate.com even if this would be possible.
// @license MIT
// @match *://*.konggames.com/games/*/*/frame/*
// @run-at document-start
// @grant unsafeWindow
// ==/UserScript==
Object.defineProperty(unsafeWindow,"no_cors",{ value: true, writable: false, enumerable: true });
I prefer this over creating a setting for various reasons, but this one remains simple and you can toggle the script on and off at will. I am still hoping to figure out what happened on your computer, someday.
Remember to factory reset the copies of my script that you modified, as automatic updates are usually disabled on locally modified user scripts.
Thanks for this useful tool! Recently I noticed that Kongregate is passing flashvars to Ruffle incorrectly; see my comment here: https://github.com/ruffle-rs/ruffle/issues/9573#issuecomment-1477341626
Here is a patch for your script to make it decode flashvars before passing them to Ruffle. This makes games like HitBox that use the Kongregate API work correctly in Ruffle.