Closed SquidDev closed 12 months ago
that does seem like a much better way of handling it.
looks like ComputerServerMessage
varies a little bit between CC:R and CC:T so I'll make the change once I switch over to just CC:T for 1.20
Oh, you don't want to be using ComputerServerMessage
! It's just to demonstrate the concept :).
that does make more sense,, i'll throw it into the next (/hopefully last) 1.19 version then
fixed in v1.2.3
The keyboard sends key presses from the client to the server by sending the key information along with the block position of the peripheral. However, this block position is not verified in any way, allowing a malicious client to type on any keyboard in the same dimension:
https://github.com/SamsTheNerd/ducky-periphs/blob/44d9ff06979cae39dd00e712f42f45a6684160d9/common/src/main/java/com/samsthenerd/duckyperiphs/peripherals/keyboards/KeyboardUtils.java#L20-L27
I think a cleaner option here is to do what CC:T does, and associate the packet with the currently opened container/screen handler (see
ComputerServerMessage
. This way all state is managed server side - in fact, you don't even need to send the block pos to the client!