Book of Lost Spells On Sale Now

It's out? Cool!

And now I'm *really* nervous!

Cheers!

 

[FormerlyHemlock]

Heh. I just realized that I just leaked my name and address all over the Internet with my last post. Editing.

 

[HarrisonF]

Out of personal curiosity, how are you determining that the connection is unsecure?

So it looks like there is both a secure and non-secure version. When I was checking out, I ended up at:

http://froggodgames.org/cart/checkout

From there, I selected the form and viewed it's submission location in the inspect element:

<form class="uc-cart-checkout-form" action="/cart/checkout" method="post" id="uc-cart-checkout-form" accept-charset="UTF-8" _lpchecked="1">

The action would then be relative to the root URL, so it maintains it as http. I checked for any other use of https in the page as well, and only found the facebook and G+ links pointing to it. Last check I did was to use the debugger in safari to watch where the form was actually being submitted to (there is a network requests tracker which can show that).


If I go to https instead ( https://froggodgames.org/cart/checkout ), I get an invalid certificate which points to froggodgames.com.


If you go to https://froggodgames.com/ and then to https://froggodgames.com/cart/checkout then everything seems to work fine as far as SSL goes.

 

[FormerlyHemlock]

Just on that situation, I'd normally rule that casting it breaks stealth (they can hear you), so combat would begin immediately.

Note that to use it for 12d6 damage, you have to hold it for nine rounds - that's a lot longer than most combats go for. And while you hold it, you can't have other concentration spells active.

That said, it does have the potential to be broken. I'd like to see if players can do it!

Cheers!

Yet another use for familiars and Shadow Monk scouts: scout ahead with your familiar, and if he sees enemies ahead, quietly cast Caustic Spittle while you sneak closer...

 

[Steven Winter]

Merric;

Blood bath is the spell the acolyte knew.

Steve

 

[Moorcrys]

I bought it. Great work... there are a few wonky spells that I'll houserule but great stuff for the vast majority of it and I'm happy to have it. I'm particularly happy to round out the elemental spells for sorcerers (although I imagine we'll be getting a slew of those with the next WotC release) and to pore through the lists to add some unique spells to my deity-specific cleric domains.

It also made me laugh that my name is on the authors list, presumably because a few of my submissions were accepted for the Scarred Lands spellbooks back in the early 2000s. I can't even remember what I wrote.

 

[MerricB]

It also made me laugh that my name is on the authors list, presumably because a few of my submissions were accepted for the Scarred Lands spellbooks back in the early 2000s. I can't even remember what I wrote.

Whatever it was, it helped inspire this book!

Cheers!

 

[transtemporal]

Another way to find this same info would be to look at the HTML/JavaScript, but for me it was quicker just to start up Fiddler and use it to watch traffic.

Yep, what emdw45 said (sorry, was busy yesterday). I haven't done much at the implementation end, but I have done some work at the regulatory. I suggest having a look at the PCI DSS Quick Reference. It includes best practice standards for payment card security & transactions etc etc.

 

[Charles Wright]

I've been told that the whole site is now under the SSL. Thanks for bringing the issue up!

 

[Matau99]

Out of curiosity, anyone know where the art is online?
Thanks!

 

[Charles Wright]

In the book in PDF format is where the art can be found online.