Are you using MySQL?
No
Are you using a proxy?
Yes - Velocity
"/version ChatControlRed" - plugin version
12.0.2
Optional: Error log
No response
ZIP of "/chc debug"
No response
Steps to reproduce
I think there is a color bypass in ChatControl 12.0.2
A normal player without color permissions can send this:
&<>#123456 test
and the message becomes colored.
I tested after deopping the player to make sure it was not an op / permission issue. Normal MiniMessage colors like , <#123456>, &c, and did not work anymore, which is correct. But &<>#123456 still colored the message.
The log also shows this when testing &<>#123456 test:
[ChatControl] Warning: Filtering unknown tag '' in message '&<> test'. To allow it, set Filter_Unknown_Mini_Tags to false in settings.yml.
Main issue is just that players without color permission can still use hex colors by putting <> inside the color code.
Are you using MySQL?
No
Are you using a proxy?
Yes - Velocity
"/version ChatControlRed" - plugin version
12.0.2
Optional: Error log
No response
ZIP of "/chc debug"
No response
Steps to reproduce
I think there is a color bypass in ChatControl 12.0.2
A normal player without color permissions can send this:
&<>#123456 test
and the message becomes colored.
I tested after deopping the player to make sure it was not an op / permission issue. Normal MiniMessage colors like , <#123456>, &c, and did not work anymore, which is correct. But &<>#123456 still colored the message.
The log also shows this when testing &<>#123456 test:
[ChatControl] Warning: Filtering unknown tag '' in message '&<> test'. To allow it, set Filter_Unknown_Mini_Tags to false in settings.yml.
Main issue is just that players without color permission can still use hex colors by putting <> inside the color code.