don't use discord "cdn", make time desync more sensitive

README.md

@@ -3,7 +3,7 @@ VIAaaS
 
 VIAaaS - ViaVersion as a Service - Standalone ViaVersion proxy
 
-<img alt="VIAaaS Logo (VIA logo with structural formula of aspirin)" height="200" src="https://cdn.discordapp.com/attachments/316218802155028482/850014925622476820/unknown.png">
+<img alt="VIAaaS Logo (VIA logo with structural formula of aspirin)" height="200" src="https://viaversion.github.io/VIAaaS/src/main/resources/web/logo.png">
 
 Address generator: https://jo0001.github.io/ViaSetup/aspirin
 
@@ -29,8 +29,8 @@ Offline mode tutorial: https://youtu.be/lPdELnrxmp0
   and [ViaRewind](https://viaversion.com/rewind) translates the connections to backend server.
 - VIAaaS auth page stores account credentials in the player's browser local storage. Check for XSS vulnerabilities on
   your domain.
-- It requires a CORS Proxy for calling Mojang APIs, which may make Mojang see that as
-  suspicious and block your account password if the IP address seems suspect.
+- It requires a CORS Proxy for calling Mojang APIs, which may make Mojang see that as suspicious and block your account
+  password if the IP address seems suspect.
 - Account credentials aren't sent to VIAaaS instance, though it's intermediated by CORS Proxy.
 - The web page receives and validates a the session hash from VIAaaS instance.
 
@@ -64,7 +64,8 @@ java -jar VIAaaS-all.jar
 
 - For less chance of Mojang seeing the login as suspect, you (the player) should set up a CORS proxy on your machine.
 - Note the ending slash in cors-anywhere address
-- You can also try my public instance at https://crp123-cors.herokuapp.com/ ([source](https://github.com/creeper123123321/cors-anywhere/))
+- You can also try my public instance
+  at https://crp123-cors.herokuapp.com/ ([source](https://github.com/creeper123123321/cors-anywhere/))
 
 ### Setting up [cors-anywhere](https://www.npmjs.com/package/cors-anywhere) on local machine:
 
@@ -87,13 +88,14 @@ node server.js
 
 Web login:
 
-- You can use the same username for front-end and back-end connection. It's also possible to use an 
-  offline mode connection on front-end (use ``_of``).
+- You can use the same username for front-end and back-end connection. It's also possible to use an offline mode
+  connection on front-end (use ``_of``).
 - Go to VIAaaS auth webpage (default is https://localhost:25543/)
 - Listen to the username A (you'll use it to connect to the VIAaaS instance).
 - Add the account B (you'll use it in backend server).
 - Keep the page open
-- Connect with your account A to ```mc.example.com._u(account B).via.localhost``` (```_u``` can be removed if username is the same)
+- Connect with your account A to ```mc.example.com._u(account B).via.localhost``` (```_u``` can be removed if username
+  is the same)
 - Approve the login in the webpage
 
 Fabric client:
@@ -115,7 +117,8 @@ Fabric client:
 - You can use ``(option)_(value)`` too, like ``p_25565``.
 - ```server.example.net```: backend server address
 - ```_p```: backend port
-- ```_v```: backend version ([protocol id](https://wiki.vg/Protocol_version_numbers) or name, replace ``.`` with ``_``). ```AUTO``` is default (1.8 fallback).
+- ```_v```: backend version ([protocol id](https://wiki.vg/Protocol_version_numbers) or name, replace ``.`` with ``_``)
+  . ```AUTO``` is default (1.8 fallback).
 - ```_o```: ```t``` to force online mode in frontend, ```f``` to force offline mode in frontend. If not set, it will be
   based on backend online mode.
 - ```_u```: username to use in backend connection
@@ -176,4 +179,5 @@ Fabric client:
 
 #### Can you support more versions / Is there some alternative?
 
-- See [DirtMultiVersion](https://github.com/DirtPowered/DirtMultiversion) and RK_01's ViaProxy server (lenni0451.net:25563)
+- See [DirtMultiVersion](https://github.com/DirtPowered/DirtMultiversion) and RK_01's ViaProxy server (lenni0451.net:
+  25563)

src/main/resources/viaaas.yml

@@ -71,7 +71,7 @@ listening-ws-limit: 10
 # Misc
 #####
 # Favicon URL to use in disconnection messages.
-favicon-url: https://cdn.discordapp.com/attachments/316218802155028482/850014925622476820/unknown.png
+favicon-url: https://viaversion.github.io/VIAaaS/src/main/resources/web/logo.png
 # Requires online mode for front-end connections. May be useful for stopping bots.
 force-online-mode: false
 # Max players to allow connection. Use -1 to not limit

src/main/resources/web/index.html

@@ -10,13 +10,13 @@
     <meta content="VIAaaS" property="og:title">
     <meta content="VIAaaS - ViaVersion as a Service - Standalone ViaVersion Proxy" property="og:description">
     <meta content="game" property="og:type">
-    <meta content="https://cdn.discordapp.com/attachments/316218802155028482/850014925622476820/unknown.png"
+    <meta content="logo.png"
           property="og:image">
-    <link href="https://cdn.discordapp.com/attachments/316218802155028482/850014925622476820/unknown.png" rel="icon">
+    <link href="logo.png" rel="icon">
     <link rel="manifest" href="manifest.json">
     <meta content="default-src 'self';
 style-src https://cdnjs.cloudflare.com/ 'self';
-img-src data: https://cdn.discordapp.com/ https://crafthead.net/ https://crafatar.com/;
+img-src 'self' data: https://crafthead.net/ https://crafatar.com/;
 connect-src 'self' http://localhost:*/ https: wss:;
 script-src 'self' https://*.cloudflare.com/ https://alcdn.msauth.net/ https://*.cloudflareinsights.com/ 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='"
           http-equiv="Content-Security-Policy">
@@ -151,7 +151,7 @@ script-src 'self' https://*.cloudflare.com/ https://alcdn.msauth.net/ https://*.
             </div>
             <div class="modal-body">
                 <!-- Design somewhat stolen/inspired from Gnome -->
-                <img src="https://cdn.discordapp.com/attachments/316218802155028482/850014925622476820/unknown.png"
+                <img src="logo.png"
                      class="mx-auto d-block" alt="VIAaaS logo" width="150">
                 <div class="text-center mb-3">
                     <h5>ViaVersion as a Service</h5>

src/main/resources/web/js/page.js

@@ -69,7 +69,6 @@ function swCacheFiles() {
         action: "cache",
         urls: performance.getEntriesByType("resource")
             .map(it => it.name)
-            .filter(it => it.endsWith(".js") || it.endsWith(".css") || it.endsWith(".png"))
     })); // https://stackoverflow.com/questions/46830493/is-there-any-way-to-cache-all-files-of-defined-folder-path-in-service-worker
 }
 
@@ -240,7 +239,7 @@ function resetHtml() {
 function ohNo() {
     try {
         icanhazepoch().then(sec => {
-            if (Math.abs(Date.now() / 1000 - sec) > 15) {
+            if (Math.abs(Date.now() / 1000 - sec) > 10) {
                 addToast("Time isn't synchronized", "Please synchronize your computer time to NTP servers");
             } else {
                 console.log("time seems synchronized");

src/main/resources/web/manifest.json

@@ -2,11 +2,11 @@
   "short_name": "VIAaaS",
   "name": "VIAaaS - ViaVersion as a Service",
   "icons": [{
-    "src": "https://cdn.discordapp.com/attachments/316218802155028482/850014925622476820/unknown.png",
+    "src": "./logo.png",
     "sizes": "600x600",
     "type": "image/png"
   }],
-  "start_url": ".",
+  "start_url": "./index.html",
   "background_color": "#3367D6",
   "display": "standalone",
   "theme_color": "#0468a1",

src/main/resources/web/sw.js

@@ -11,14 +11,14 @@ self.addEventListener("notificationclick", event => {
 var CACHE = "network-or-cache";
 
 self.addEventListener("install", evt => {
-  evt.waitUntil(cache(["./"]));
+  evt.waitUntil(cache(["./index.html"]));
 });
 
 self.addEventListener("fetch", evt => {
-  if (evt.request.mode != "navigate") return;
+  if (!shouldCache(evt.request.url)
+    || evt.request.method != "GET") return;
   evt.respondWith(
-    fromNetwork(evt.request)
-      .catch(() => fromCache(evt.request))
+    fromCache(evt.request).catch(() => fromNetwork(evt.request))
   );
 });
 
@@ -28,8 +28,12 @@ addEventListener("message", e => {
   }
 });
 
+function shouldCache(it) {
+  return it.endsWith(".js") || it.endsWith(".css") || it.endsWith(".png") || it.endsWith(".html")
+}
+
 function cache(urls) {
-  return caches.open(CACHE).then(cache => cache.addAll(urls));
+  return caches.open(CACHE).then(cache => cache.addAll(urls.filter(shouldCache)));
 }
 
 function fromNetwork(request) {