Security Concern: Storing Proxy Passwords in Clear Text

[maxisoft]

There's a potential security risk associated with the current proxy configuration mechanism. The plugin allows users to set proxy information either through environment variables or by editing the freegames.json.config file. However, if a proxy password is provided, it is stored in clear text within the JSON file, even when passed via the environment variable.

This behavior could lead to sensitive data exposure if the configuration file is shared or accidentally leaked.

I propose implementing a mechanism to exclude sensitive data, such as proxy passwords, from being saved to the configuration file. This could involve:

• Removing the proxy password from the configuration file when it's provided via an environment variable.
• Encrypting the proxy password before storing it in the configuration file.
• Providing an alternative, more secure method for storing proxy credentials.

It's crucial to address this issue to protect user data and enhance the plugin's security.