koobas.hobune.stream
Unity Web Player corporate environment setup
We need to get the Unity Web Player approved for installation in one of our client's corporate environments. One requirement is that they can control what content is executed within the plug-in (to allow our training/simulation content while blocking unity games from the web). One possible way to achieve this is setup their corporate proxy to only allow *.unity3d files from certain domains. However there is no file extension enforced in the unity web player, and it is easy enough for a knowledgeable person to circumvent this by hosting unity content under a different filename.
Is there any restrictions that can be enforced in the Unity Web Player from an administration perspective? Registry settings somewhere? Ideally an allowed list of domains that can serve unity3d files to the web player. But even a boolean that enforces a certain file extension would work (as the corporate proxy approach can then be used).
I've created a feature suggestion for anyone else who is reading this and interested: http://feedback.unity3d.com/unity/all-categories/1/hot/active/corporate-environment-settings-f
There are no settings you can apply to the web player that I know of. You could block all unity3d files, and call yours a tyson3d file. I can't believe that anyone would seriously create a game that used a different name for the unity content. Alternatively get the client to white list sites that can be visited.
Thanks Graham. While content blocking (of things like games) is one concern of IT departments, I believe their primary goal behind something like this is to strictly enforce the allowed unity content to be executed (to guarantee that only content they approve is executed, to prevent potentially malicious content from being executed). Therefor it doesn't matter than 99.99% of unity content use *.unity3d, an attacker will easily rename their malicious content file name and avoid the file extension blacklist.
