-
Notifications
You must be signed in to change notification settings - Fork 4
CFC Client HTTP Whitelist integration
The 3D Stream Radio addon has an official integration for the CFC Client HTTP Whitelist addon. You can find the addon here: https://github.com/CFC-Servers/cfc_cl_http_whitelist
CFC Client HTTP Whitelist (in short "CFC Whitelist") is a third party addon for protection against potential or dangerous HTTP requests. It works similar to the built-in whitelist, but it has more features in general. The radio addon does not and MUST NOT change CFC Whitelist's settings. So please refer to the documentation of the CFC Whitelist addon if you need to change something about it.
This protection will help against these (not limited to) threats:
- IP Grabbers, a preparatory attack vector used for subsequent DDoS attacks on clients.
- Malware that could abuse a vulnerability in GMod or the BASS sound engine.
- Unwanted, inappropriate or even illegal content.
- Other untrustworthy sources.
The CFC Whitelist protection applies to this radio addon AND any other addon you might have installed.
By default having this CFC Whitelist addon installed will disable the built-in whitelist, unless the ConVar sv_streamradio_url_whitelist_enable_on_cfcwhitelist has been set to 1. This is to ensure there are no usability hiccups around the whitelisting.
In general both can coexist. But having both active could produce difficult to understand whitelist blocking behavior to the user. Both cases are safe to use.
The CFC Whitelist always active as long it is installed. It can not be turned off. It only applies for online URLs (e.g. https://...). For local file paths it is NOT active, because there are no external HTTP requests to be send.
Differently to the built-in whitelist, the client can change them on their own in-game, but only for themselves. Their changes will not affect other clients.
Admins can still configure the whitelist that is loaded to the clients on server join. However it is a little more difficult to do so, as CFC Whitelist has no in game controls for that. Please refer its documentation if you need to know more about this.
Yes, it does.
No, it can't and you shouldn't. If the server has it, you have it too.
No, you would need to download it from there: https://github.com/CFC-Servers/cfc_cl_http_whitelist
No! Never. This is simply not an option. It would condensed as backdooring and therefore malicious by nature. It is also impossible to do so. Don't ask me to change something about this unless you want to risk to be permanently blocked/banned from my comment sections!
Only online URLs (e.g. https://...) will be checked. The client will requested URL against its whitelist configured via CFC Whitelist the addon. This happens before each and every online request an radio entity attempts to send.
Usage:
Whitelisting and security: