Details:
In this release, we've patched a critical security vulnerability related to custom inventory GUIs. Previously, the plugin identified custom GUIs by their titles, making it possible for players to spoof inventory titles and bypass certain protections. This could allow players to interact with illegal items without triggering the plugin's safeguards.

Changes Implemented:

1. Custom InventoryHolder:
   
   • Introduced a new OaExploitsInventoryHolder class that implements InventoryHolder. This custom holder is now used to manage custom GUI inventories, ensuring that they cannot be spoofed by simply changing the title.
   • The OaExploitsInventoryHolder is tied directly to the player's UUID, providing a secure way to identify and manage custom GUIs.
2. Event Handling Updates:
   
   • Updated the AntiIllegalItems class to check for the custom InventoryHolder instead of the inventory title. This change ensures that only legitimate custom GUIs are recognized and processed by the plugin.
   • Specific methods in AntiIllegalItems, such as onInventoryOpen, onInventoryClick, and others, now verify if the inventory holder is an instance of OaExploitsGUI.OaExploitsInventoryHolder.

Benefits:

• Enhanced Security:
  • The use of a custom InventoryHolder makes it significantly harder for players to spoof the system. This server-side validation ensures that only legitimate interactions are processed.
• Improved Control and Flexibility:
  • The custom InventoryHolder can store additional context about the GUI, making it easier to manage complex interactions and configurations securely.
• Code Clarity and Separation of Concerns:
  • Clear separation between GUI management and item interaction checks, resulting in more maintainable and secure code.