There is a slight change the the way QueryResult works in order to satisfy the variances in the new library.
Disposing of the command with the reader appears to solve this, and hopefully, with minimal impact to plugins.
This is the first commit in a pattern that I'd like to follow. The
concept is that we specifically create handlers for things that are
"illegal per se." That is, there are no possible situations (in the
current protocol) where a packet of this type is received from a client.
In this case, I moved the emoji handler out of the Handler just for
emoji, since it seemed like an obvious case.
The rule of thumb is simple: if something is illegal per se, there
should be no possible way in the vanilla client to achieve this result.
If a player sends this combination of packets they *must* be hacking.
Not that there is a 99.9% chance they're hacking, but that there is a
100% unambiguous chance that they're hacking.
Something is illegal per se if it can only be created by a hacked
client. If there's a crashing bug that a normal player can do with a
complex series of vanilla events, that is not illegal per se.
The goal of this namespace and class of handlers is to handle exactly
one type of protocol violation, and remove the packet accordingly. If it
is ever reported that the packet can be sent from a vanilla client, the
check must be removed as it is no longer a per se violation of the
protocol.
In a previous PR I have added the tile entity request packet handler which checks for building permissions to prevent the unauthorized player to open a DisplayDoll and see its content.
This Handler is being added to prevent *Hackers* from modifying a DisplayDoll through direct/crafted packet sending, or by sending raw byte data to the server.
In a valid enviroment, the player couldn't even get to see the content of the doll in the first place, to then try to modify it's items.
Because of this, I do not bother with making sure the player gets their item back.
