Closed ugexe closed 11 months ago
It's going to be in the jar anyway, what's the alternative 🤔 Users aren't going to get their own license for sure
Okay so my first idea was to proxy the requests through a reverse proxy to hide the license key in the env variable going to nginx config, but MaxMind has blocked requests through reverse-proxies in their cloudflare configuration.
Back to the drawing board..
Since this project is distributed as a jar file obfuscating the license key retrieval is best I can do at the moment.
I can't stop malicious actors that really want the license key since they can read it from memory at runtime despite of any attempts to obscure it.
If you have any ideas I'm open to hearing them.
Your license is no longer valid for Fabric 1.20.1 version, and I'd like to avoid storing my key in config. Can we use manually downloaded databases, and how?
Temporary setting "Geolocation_Download_URL:" variable does nothing (it's a valid link). Mod just keeps using default download URL.
I think using the maxmind updater with Plan directory set as the download location would work.
The EULA requires updating the file all the time so if I remember correctly the modification date of the file is checked each boot and if it's new enough it'll be accepted as is.
https://github.com/plan-player-analytics/Plan/blob/f9d28489c282c67f14804c536c4a34c5ce3712e7/Plan/common/src/main/java/com/djrapitops/plan/gathering/geolocation/GeoLite2Geolocator.java#L97