Improve download command

[1robie]

This pull request introduces a configurable allow-list for downloadable websites, improving security by restricting which hosts are permitted for inventory downloads. It also refactors the download logic to provide clearer error handling and user feedback, and enhances file name validation to prevent unsafe or malformed file names.

Security and Configuration Enhancements:

• Added a new configuration option allowedDownloadableWebsite in Configuration.java and the config file, defaulting to minecraft-inventory-builder.com, to specify which hosts are allowed for inventory downloads. The config is now loaded and saved accordingly. [1] [2] [3] [4]
• The download logic in ZWebsiteManager now checks if the requested host matches an entry in allowedDownloadableWebsite, rejecting downloads from unauthorized hosts.

User Feedback and Error Handling Improvements:

• Introduced a DownloadResult enum to clearly distinguish different download outcomes, enabling user-friendly error messages for cases such as unauthorized hosts, invalid file types, and file existence. [1] [2]
• Added a new message WEBSITE_DOWNLOAD_ERROR_HOST to inform users when a download is rejected due to an unapproved host, displaying both the attempted host and the allowed hosts.

File Name Validation:

• Improved logic for extracting and validating file names from the Content-Disposition header, ensuring only safe, well-formed names are used and falling back to a random name if necessary.…oad error handling

[nulledphx]

Glad to see this being addressed. This fix covers the RCE/Path Traversal issues I reported earlier in Issue #235

[Copilot]

Pull request overview

This PR tightens the /download command by introducing a configurable allow-list of permitted download hosts, refactoring download outcomes into an explicit result enum for clearer user feedback, and hardening downloaded file name handling to avoid unsafe names.

Changes:

• Add Configuration.allowedDownloadableWebsite (persisted via config load/save) and reject downloads from non-allowed hosts.
• Refactor download flow to return a DownloadResult and map outcomes to specific user messages (including a new “host not allowed” message).
• Sanitize Content-Disposition filenames (basename-only + strict regex) and fall back to a random name when invalid/missing.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 5 comments.

File	Description
src/main/java/fr/maxlego08/menu/website/ZWebsiteManager.java	Implements allow-list host validation, refactors download handling, and tightens filename extraction/validation.
API/src/main/java/fr/maxlego08/menu/api/utils/Message.java	Adds a user-facing error message for blocked hosts.
API/src/main/java/fr/maxlego08/menu/api/configuration/Configuration.java	Adds config field + load/save support for allowed downloadable hosts.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.