From e02db613147091d9792c1eec9bb7d62ed98d48e3 Mon Sep 17 00:00:00 2001 From: "Pantera (Mad_Daniel)" <89838384+Pantera07@users.noreply.github.com> Date: Tue, 16 May 2023 00:37:47 +0900 Subject: [PATCH 1/2] Book exploits --- readme.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/readme.md b/readme.md index 2424e7c..4f11a0b 100644 --- a/readme.md +++ b/readme.md @@ -28,6 +28,30 @@ entities: tick: false ``` +### Book exploits + +Books are a common target for exploitation techniques, and have been used for all sorts of nasty things in the past including duplication exploits, crash exploits, and forcing servers to run out of memory while producing massive amounts of chunk data. + +#### Option 1 + +Moderately reducing page-max can mitigate 'book exploit' without affecting vanilla clients. + +`paper-global.yml` +```yaml +item-validation: + book-size: + page-max: 1024 +``` + +#### Option 2 + +Disabling the book completely prevents the 'book exploit', but prevents players from writing to the book. + +`pufferfish.yml` +```yaml +enable-books: false +``` + ### Collision lag machines This exploit is similar to the armor stand one, but instead of armor stands, it uses entities that can be pushed by From c9279337ab3ddef199ef30fcccf4afc6ae878f78 Mon Sep 17 00:00:00 2001 From: YouHaveTrouble Date: Fri, 19 May 2023 23:33:17 +0200 Subject: [PATCH 2/2] more clear wording and more information --- readme.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/readme.md b/readme.md index 4f11a0b..7168e70 100644 --- a/readme.md +++ b/readme.md @@ -34,7 +34,7 @@ Books are a common target for exploitation techniques, and have been used for al #### Option 1 -Moderately reducing page-max can mitigate 'book exploit' without affecting vanilla clients. +Moderately reducing page-max can mitigate most book exploits without affecting vanilla clients. `paper-global.yml` ```yaml 
@@ -45,7 +45,7 @@ item-validation: #### Option 2 -Disabling the book completely prevents the 'book exploit', but prevents players from writing to the book. +Disabling books completely prevents the most book exploits (as long as plugins don't create non-standard books). Pufferfish config option prevents players from writing to the book, therefore ruling out anything that requires player input to work. `pufferfish.yml` ```yaml
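Review bot: In the `@@ -28,6 +28,30 @@` hunk of patch 1/2, Option 1 says "Moderately reducing page-max" but never states the value it is reduced from or the unit of `page-max: 1024`, so an admin cannot judge how much headroom the setting leaves for legitimate books. Suggest stating the default and the unit next to the YAML. The headings "Option 1" and "Option 2" would also be easier to scan if they named the approach (limit book size, disable books), and the text should say whether the two settings are alternatives or can be applied together.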
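Review bot: In the `@@ -34,7 +34,7 @@` hunk of patch 2/2, the new wording "can mitigate most book exploits" leaves open which of the classes named in the section intro (duplication, crash, memory exhaustion) the `page-max` limit does not cover. Suggest one clause naming what remains, or a pointer to Option 2 for servers that need the stronger guarantee, so readers do not treat the size limit as complete coverage.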
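Review bot: In the `@@ -45,7 +45,7 @@` hunk of patch 2/2, the added sentence has wording problems that blur the claim: "prevents the most book exploits" should read "prevents most book exploits", and "Disabling books completely prevents" can be parsed as either "completely disabling" or "completely prevents", the latter contradicting "most". "Pufferfish config option" needs an article and would be clearer if it named the key, for example "The Pufferfish `enable-books` option". The parenthetical about plugins creating non-standard books is the real caveat here and deserves its own sentence telling admins to check plugins that generate books.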