Client's can run string commands on the server with no rate limit. This means when you run 50k+ commands that are unknown, or spam 30k 'status' commands, you will be able to hang the server for 800/1200ms (15k/30kms if script printing to console is enabled!). Although the netchan processing budget system will kick you, the damage has already been done at this point. This change effectively breaks the ability to DOS the server from the client using networked string commands.
In easier words; binding 'status' to your mousewheel will get you kicked from the server, without hitching the server.
Implement net message process budget (channel gets removed if value is exceeded).
Use 'net_processLimit' to enable the implementation on the server. It will get enabled by default after testing and some cleanup. This helps against people trying to slow the server down by spamming net messages with a higher rate, e.g. using 'bind "mousewheel_up" "status"'.
* Added more color coded flags to the console autocomplete window.
* Removed 'hidden' as FCVAR_HIDDEN is now enforced on the autocomplete window.
* force real-time CommandBase flags (previously compile-time).
* Fixed bug where multiple of the same entries get added to the global ban/refuse list.
* Fixed bug where we still use the client instance after deleting it in 'CBanSystem::BanListCheck()'.
* Load banlist at a later state (not at construction of class), this is needed for a future change of adapting the 'business' code to feature the game's FileSystem.
* CServer cleanup.
* More detailed ban messages (banned, added to refused list, removed from slot, etc..).
* Use localization key for banned message ("#Valve_Reject_Banned").
* Add const qualifiers to all CPylon methods.
Note:
* This commit requires changes on the master server, these changes are already performed, however the new master server isn't live yet until we publish the new release.
Set 'survival_wallrun_enabled' and 'survival_wallrun_enabled' to 0 in defaults.
I get a lot of mixed opinions on this, there are people who prefer wallrunning and double jumping, but there are also people who don't want these enabled. I received advice to disable them for defaults for the time being (all br modes and firing range/training modes have them disabled, tdm/ctf and dev_default have them enabled).
* Add ConVar to allow user to set/unset FCVAR_DEVELOPMENTONLY ConVar's (default behavior would never be hit without this ConVar).
* Add icons to display the flags of a certain CommandBase.
* Fixed Dear ImGui not displaying images correctly (descriptor needs DXGI_FORMAT_R8G8B8A8_UNORM_SRGB due to the nature of this game).
* Dynamically obtain buffer sizes of resources taken from modules.
* Light SDK cleanup.
* Added ability to invert rect to calculate offsets from bottom/right as well so debug text doesn't get out of view, or obstruct view when window is resized.
* Added Con_NPrintf() hook which shows detailed systems running times and VGUI panel debug information.
