* Add Admin Code 25 : XSS Message As Server (why?)
Added the ability to send messages from the server name (without username), with XSS.
Accepts 1 string argument : message text
* remove redundant switch statement and add check for msgArr length
---------
Co-authored-by: Elijah R <62162399+elijahr2411@users.noreply.github.com>
This provides a much more reliable way to handle arguments with spaces,
such as usernames.
The ban process's stdout and stderr are now redirected to the server,
in case they have output that would be good in the server's logs.
IMPORTANT:
This commit contains new config options.
Make sure your local config file is up to date with config.example.toml to avoid issues.
CHANGELOG:
- Fix crash exploit caused by abnormally long WebSocket messages
- Added config option for limiting the maximum amount of active connections from the same IP
- Made per-IP turn limiter configurable
- Fixed an issue where vote updates were not sent to clients in some cases
- Added warning about using qmpSockDir on Windows hosts
- Updated dependencies
- Removed unused code/imports
Previously it was possible to "impersonate" (to those not looking closely) other users by putting whitespace before or after the name of choice. This commit eliminates that.
The previous default of 5 messages is utterly lame and didn't provide enough context to anything, and was also a downgrade from the old server as that had 10 messages by default (of which we're now going back to with this change).
* Add IPData, Windows support, bugfixes
Changes:
- Added IPData: mutes and votes are now tracked per-IP instead of per-user.
- Windows support: QMP over TCP can now be enabled in the config.
- Vote cooldown can now be specified in the config.
- Fixed bugs:
"Username is already taken" message appearing when it shouldn't
* Remove vote from closed connections
---------
Co-authored-by: Elijah R <62162399+elijahr2411@users.noreply.github.com>
