[Connector] Add command validation and whitelist to RCON gateway

[Flegma]

Summary

The RCON WebSocket gateway needs command validation to ensure only authorized commands are executed.

Tasks

• Implement a whitelist of allowed RCON commands
• Add command length and format validation
• Add rate limiting to prevent abuse
• Log all RCON commands for audit trail

Impact

Could allow execution of unintended commands on game servers.

Details

Full details in internal audit document. Finding IDs: CRIT-CONN-02

---

Related Issues (Input Validation Pattern)

• [API] Harden match events gateway authentication and message validation #371 — [API] Harden match events gateway validation
• [Connector] Sanitize user input in offline match manifest generation #404 — [Connector] Sanitize offline match manifest input
• [Connector] Add command validation and whitelist to RCON gateway #405 — [Connector] Add RCON command whitelist
• [Connector] Add authentication to WebRTC datachannel & validate match data DTOs #406 — [Connector] Validate WebRTC datachannel & match DTOs
• [Game Server] Async void anti-pattern & missing command input validation #402 — [Game Server] Missing command input validation