* Implement first response parts of http caching
* Implement cached response for static resources
* Implement HTTP caching for json responses
* Fix last seen value for online players
* Implement http caching for pages (.html)
* Use placeholder cache even with async requests.
Affects issues:
- Close#2813
- Fixed SQL-injection vulnerability in an endpoint
- Fixed XSS on Whitelist deny 403 page
- Fixed XSS on Internal Error 500 page if untrusted data ends up in exception message
- Refactored Webserver request handling code to be easier to read
- Adds support for larger range of cipher suites and protocols for HTTPS
- Adds support for HTTP/2 and ALPN and as result more concurrent users than before
- APIs are fully compatible with previous code
Thanks to Kopo for assistance
Affects issues:
- Close#1987
Replaced Abstract Plugin Framework with Platform Abstraction Layer
Large amount of changes due to removal of features from the library,
and change of the way the abstraction is achieved.
Removes features from Plan:
Removed debug logging (Considered useless when debugging issues)
Removed /debug page (Considered useless when debugging issues)
Removed enable timing (Benchmarking utility was removed from the library)
- Added login.html and register.html
- Added .bg-gradient
- Added logonsine.js for a decoration.
- Added /login, /register, /auth/login, /auth/logout and /auth/register endpoints
- Redirects to /login if cookie not present with auth enabled.
- Basic login functionality using cookies
- Registration page allows new kind of registration that doesn't log passwords on console.
- Fixes a bug with stippets that blocked any cross-plugin modifications (PageExtension API)
- Fixes a typo with css snippet code that made the css not apply (PageExtension API)
Aurora Lahtela
Risto Lahtela