5.2 build 1147
This update contains a few quality of life improvements as well as bugfixes.
Security vulnerability with cookies not being invalidated properly upon logout was also fixed.
Special thanks to Kopo942 for three contributions to this update.
Network page servers dropdown now has links to all servers in it. If you got loads of servers there is a scrollbar, so no worries. Thanks to Kopo942 for implementing this.
Login cookies now persist across restarts, so that you don't need to log back in after scheduled reboot. If you still need some way to log everyone out, /plan logout * command was added with plan.logout.other permission.
Cookie expiry time can now be set in the config under 'Webserver.Security.Cookie_expires_after'.
During implementation a security vulnerability was discovered where due to the Request headers not being passed inside the code properly, the cookie was not found during logout and was never invalidated. If a rogue actor got access to the cookie they would have been able to use it for the 2 hours cookies were valid in the previous versions.
Join address filter to the Query page
You can now filter players in the Query based on what address they have joined with.
MySQL driver trouble ("Operation not allowed for a result set of type ResultSet.TYPE_FORWARD_ONLY")
Issues with Plan mysql driver overriding driver of other plugins has been resolved by unregistering the driver after it has been loaded.
Join address gathering
- Made all addresses lowercase to make it easier to read the pie
- Fixed network join address pie counting one address multiple times when player had joined multiple game servers with the same address
- Kopo942 fixed URL hash breaking when clicking "Day by Day" or any other graph button on the Network overview tab
- Kopo942 fixed loader spinner not being centered
- Fixed a bug where AFK time was gathered for someone with plan.ignore.afk permission when they used the /afk command.
- Added a warning when database clean task timer is longer than extension data removal threshold (Stops disabled extension data from being cleaned)
- Wrote more tests and enabled old disabled tests, test coverage increased from 35% to 41%.