Skip to content

CFC Client HTTP Whitelist integration

Grocel edited this page Oct 29, 2023 · 13 revisions

The 3D Stream Radio addon has an official integration for the CFC Client HTTP Whitelist addon. You can find the addon here: https://github.com/CFC-Servers/cfc_cl_http_whitelist

CFC Client HTTP Whitelist (in short "CFC Whitelist") is a third party addon for protection against potential or dangerous HTTP requests. It works similar to the built-in whitelist, but it has more features in general. The radio addon does not and MUST NOT change CFC Whitelist's settings. So please refer to the documentation of the CFC Whitelist addon if you need to change something about it.

CFC Client HTTP Whitelist FAQ

What does it protect against?

This protection will help against these (not limited to) threats:

  • IP Grabbers, a preparatory attack vector used for subsequent DDoS attacks on clients.
  • Malware that could abuse a vulnerability in GMod or the BASS sound engine.
  • Unwanted, inappropriate or even illegal content.
  • Other untrustworthy sources.

The CFC Whitelist protection applies to this radio addon AND any other addon you might have installed.

How does it play together with the built-in whitelist?

By default having this CFC Whitelist addon installed will disable the built-in whitelist, unless the ConVar sv_streamradio_url_whitelist_enable_on_cfcwhitelist has been set to 1. This is to ensure there are no usability hiccups around the whitelisting.

In general both can coexist. But having both active could produce difficult to understand whitelist blocking behavior to the user. Both cases are safe to use.

When is CFC Whitelist active?

The CFC Whitelist always active as long it is installed. It can not be turned off. It only applies for online URLs (e.g. https://...). For local file paths it is NOT active, because there are no external HTTP requests to be send.

Who can change the whitelist?

Differently to the built-in whitelist, the client can change them on their own in-game, but only for themselves. Their changes will not affect other clients.

Admins can still configure the whitelist that is loaded to the clients on server join. However it is a little more difficult to do so, as CFC Whitelist has no in game controls for that. Please refer its documentation if you need to know more about this.

Does it support wildcards or patterns?

Yes, it does.

Can this be disabled?

No, it can't and you shouldn't. If the server has it, you have it too.

Does the radio ship with CFC Whitelist?

No, you would need to download it from there: https://github.com/CFC-Servers/cfc_cl_http_whitelist

Will I remove or bypass CFC Whitelist?

No! Never. This is simply not an option. It would condensed as backdooring and therefore malicious by nature. It is also impossible to do so. Don't ask me to change something about this unless you want to risk to be permanently blocked/banned from my comment sections!

How are the checks done?

Only online URLs (e.g. https://...) will be checked. The client will requested URL against its whitelist configured via CFC Whitelist the addon. This happens before each and every online request an radio entity attempts to send.