[DigitalPoint] App for Cloudflare® 1.9.7

First of all, this is a big(ish) update...

Large R2 attachments should see the download start much faster for end users (rather than downloading it fully on the server before sending it to user, it's done with streams now). Honestly not sure why I didn't do it that way to begin with, but thanks to @Chris D for pointing out my stupidity oversight. It's still going to be more performant to be using presigned URLs, so the streaming change is only if you aren't using presigned URLs or token authentication for R2 attachments.

The addon now has the ability to pick up Cloudflare geo-location info for users (or more specifically, HTTP requests). This is something I've been doing for a LONG time with internal addons (in vBulletin 3, vBulletin 4, XF1 and XF2). So this was (mostly) just merging an internal addon I already had into this one.

• If you want this to be done just at the country-level, make sure you enable the IP Geolocation setting for your Cloudflare domain/zone.
• If you want this to be done at the region-level, make sure you enable the Add visitor location headers option for your Cloudflare domain/zone.
• If you don't want to do this at all, disable the Log IP address locations setting under Options -> External service providers.

As far as storing all the extra geo data, it's done as efficiently as possible, with a single record for location data needed for each IP. So even if an IP was logged 1,000 times (and even across multiple users), it only needs to store the geo data once per IP. If you delete/purge IPs, the geo data cleans itself up if there no record of the IP being used any longer in the xf_ip table.

There are a couple new permissions that go along with this to allow user groups to see the country someone posted in a thread/sent a direct message from if you want to allow that.

User group permissions -> Forum permissions -> View country flag on posts
User group permissions -> Direct message permissions -> View country flag on messages

• Updated charting library (Chart.js) to 4.4.7
• Fixed issue where R2 egress bandwidth info for a bucket was reporting class B operations instead of class A operations
• Updated call for attaching custom domain to R2 bucket (endpoint changed)
• Attachment contents passed to view as a stream, rather than a string
• CLI tool to migrate data will ignore files with a prefix of local/
• Made change to CLI migration tool so that the multi-process ability is compatible with new version of Symphony (XF 2.3)
• Added new Cloudflare setting (under Security): AI Bots
• Geo-location functionality
  • New option: Admin -> Options -> External service providers -> Log IP address locations
  • New permission: View country flag on posts
  • New permission: View country flag on messages

• Added new Cloudflare setting (under Speed): Speed Brain
• Easy Config enables Speed Brain
• Added support for setting SSL/TLS Encryption Mode to Strict (SSL-only origin pull) (for Enterprise zones)
• Added new Cloudflare setting (under SSL/TLS): Encrypted Client Hello
• Added new Cloudflare setting (under Security): Leaked credentials

• Fixed issue with deleting a Page Cache rule (change to Cloudflare API)
• Fixed issue with changing Cloudflare settings on XenForo 2.3 (was being done with form submission instead of the intended AJAX request)
• Ignore full stat rebuilds (too many API calls [11 per day], it will be impossibly slow, and you will hit API rate limit very quickly, so it would fail anyway)

• Removed workaround to allow non-Duotone icons in admin navigation for XenForo 2.3 (fixed in XF core)
• Added new Cloudflare setting (under Security): Replace insecure JavaScript libraries
• Changed verbiage to be worded better when setting up API token initially

• Removed Brotli compression setting (it's now always on in Cloudflare)
• Removed Minify settings (they have been deprecated and will be removed from Cloudflare soon)
• Removed Server-side Exclude setting (it has been deprecated and will be removed from Cloudflare soon)
• Added option to create Firewall Rule to block AI scrapers & crawlers
• Updated Chart.js library to 4.4.3

• Prevent autocompletion of authentication token (saw a situation where it could be overwritten with an admin's saved password for the site)
• XenForo 2.3 compatibility:
  • Fix for template issue when managing country blocking due to XF core change in 2.3 beta 6
  • Fix various icons that didn't work in 2.3
  • Force 2.3 to allow non-Duotone admin navigation icons

• Added support for CLI tool to migrate existing data to/from internal_data/xfmg
• Added support for local-data mount point in XenForo 2.3
• Added deprecation notice for Auto-Minify setting

• Changed wording of "API tokens & keys" to "API tokens" (no longer allowing global keys, only API tokens)
• Updated charting library (Chart.js) to 4.4.1
• Created workaround for addons being disabled during XenForo upgrades (we need to set the externalDataUrl so that the %ASSET:stylefolder% replacement var works as expected for R2 users when .less templates are compiled). Effectively we are firing our app_setup code event listener even when all addons are disabled during the upgrade process. See this thread.

• Presigned URLs forcibly set Content-Type and Content-Disposition HTTP response headers (fixes situation where something like rclone set incorrect content type for the object in the R2 bucket)
• Cloudflare statistics charts on admin dashboard dynamically resize properly when resizing window
• Added ability for individual API calls to ignore multiple error codes instead of just one
• Changed FsMounts::getFsAdapters method name to FsMounts::getDpFsAdapters to avoid naming collision with XFCloud addon (will need to update FileSystem addon as well if you are using it)

• The API calls necessary to build the Cloudflare settings page are now run in parallel (it's currently 10 API calls that were previously made sequentially). Viewing (and editing) settings is significantly faster now (it's as fast as the single slowest API call, rather than as slow as all 10 API calls added together).
• Added more sanity checks for unexpected Cloudflare API results
• Fixed issue where old public domains wouldn't get enabled when setting up R2 bucket for XenForo data (in a situation where it was an already existing bucket that already had public domain(s) assigned)